Stored XSS Vulnerability in Zoho SalesIQ Plugin for WordPress
CVE-2019-15644
6.1MEDIUM
What is CVE-2019-15644?
The Zoho SalesIQ plugin for WordPress, prior to version 1.0.9, contains a stored cross-site scripting (XSS) vulnerability. This flaw allows attackers to inject malicious scripts into the affected application's stored data. When exploited, this vulnerability can lead to unauthorized actions performed on behalf of users, potentially compromising sensitive information and damaging the integrity of the website. It is crucial for users to upgrade to the latest version to mitigate the risks associated with this security issue.