Description
Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP FullCalendar Security Bypass (1.4.1)
Oracle Database Server Other Vulnerability (CVE-2007-0278)
WordPress Plugin Quick Paypal Payments Cross-Site Scripting (3.0)
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (2.6.1)
WordPress Plugin LearnPress-WordPress LMS Multiple Vulnerabilities (3.0.12)