RSS   Vulnerabilities for 'Sportspress'   RSS

2021-12-21
 
CVE-2021-24578

CWE-79
 

 
The SportsPress WordPress plugin before 2.7.9 does not sanitise and escape its match_day parameter before outputting back in the Events backend page, leading to a Reflected Cross-Site Scripting issue

 
2020-06-09
 
CVE-2020-13892

CWE-79
 

 
The SportsPress plugin before 2.7.2 for WordPress allows XSS.

 


Copyright 2024, cxsecurity.com

 

Back to Top