Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the “t” parameter to iframe-googlefont-preview.php or the “text” parameter to iframe-font-preview.php.
Update the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
titan framework | le | 1.5 |