Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in MaxButtons
An advisory was released by the JPCERT/CC and IPA that a cross-site scripting (XSS) vulnerability had been fixed in version 6.19 of the plugin MaxButtons, which was discovered by “ASAI Ken and Chris Liu”. In looking at the changes made in that version we found that it was a reflected cross-site scripting (XSS) vulnerability.
…