CVE-2013-5711

Cross-site scripting (XSS) vulnerability in admin/walkthrough/walkthrough.php in the Design Approval System plugin before 3.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step parameter.

Date published : 2013-09-16

http://archives.neohapsis.com/archives/bugtraq/2013-09/0055.html

http://wordpress.org/plugins/design-approval-system/other_notes/