https://www.pluginvulnerabilities.com/2017/12/01/vulnerability-details-reflected-cross-site-scripting-xss-vulnerability-in-user-role-editor/

From time to time a vulnerability is fixed in a plugin without the discoverer putting out a report on the vulnerability and we will put out a post detailing the vulnerability so that we can provide our customers with more complete information on the vulnerability.

All three changelog entries for version 4.38 of the plugin User Role Editor are security related, possibly indicating

Share This