Br0Sck

Name of the Vulnerable Software and Affected Versions: WP Talroo versions through 2.4 Description: The WP Talroo WordPress plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue. This could be used against high privilege users, such as administrators and unauthenticated users. Recommendations: Update WP Talroo to a version later than 2.4.