Cross-site scripting (XSS) vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data.
6.1CVSS
6.1AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7.
6.5CVSS
6.3AI Score
0.0004EPSS