CVE-2013-5711 Information

Description

Cross-site scripting (XSS) vulnerability in admin/walkthrough/walkthrough.php in the Design Approval System plugin before 3.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2013-09/0055.html http://wordpress.org/plugins/design-approval-system/other_notes/