Magic Post Voice
Monthly
The Magic Post Voice WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the ids parameter found in the ~/inc/admin/main.php file which allows attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Magic Post Voice WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the ids parameter found in the ~/inc/admin/main.php file which allows attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.