Report
Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php.
Score:7.2
Severity:High
Version: 5.1.3
There is a patch available in v5.1.4 and we strongly recommend you update to this version as soon as possible.
