RSS   Vulnerabilities for 'Social slider widget'   RSS

2021-04-05
 
CVE-2021-24196

CWE-79
 

 
The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ??�??�?token_error??�??�?? parameter can be controlled by users and it is directly echoed without being sanitized

 

 >>> Vendor: Cm-wp 2 Products
Social slider widget
Auto featured image


Copyright 2024, cxsecurity.com

 

Back to Top