WordPress Font Organizer plugin <=2.1.1 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting (XSS) vulnerability found Tim Coen in WordPress Font Organizer plugin (versions <=2.1.1).
22 March 2019 - we were unable to find a patched version of this plugin. There is a notice on the WordPress plugin repository "This plugin was closed on March 18, 2019 and is no longer available for download.".
Type XSS (Cross Site Scripting) OWASP Top 10 A3: Cross Site Scripting (XSS)