Confetti Fall Animation
Monthly
The Confetti Fall Animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'confetti-fall-animation' shortcode in all versions up to, and including, 1.3.1 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Confetti Fall Animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'confetti-fall-animation' shortcode in all versions up to, and including, 1.3.1 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.