RSS   Vulnerabilities for 'Auto featured image'   RSS

2021-12-13
 
CVE-2021-24932

CWE-79
 

 
The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.3 does not sanitise and escape the post_id parameter before outputting back in an admin page within a JS block, leading to a Reflected Cross-Site Scripting issue.

 

 >>> Vendor: Cm-wp 2 Products
Social slider widget
Auto featured image


Copyright 2022, cxsecurity.com

 

Back to Top