$_GET['searchll'] is not escaped.
Proof of Concept:
XSS will be visible on page with
[link-library settings=1] tag.
XSS will be visible only if search function return something.
So we can use popular letter (“a” or “e”) and after space put XSS. For example:
- 06-11-2014: Discovered
- 06-11-2014: Vendor notified
- 07-11-2014: Version 5.8.11 released, issue resolved