RSS   Podatności dla 'Dynamic widgets'   RSS

2022-02-28
 
CVE-2021-24933

CWE-79
 

 
The Dynamic Widgets WordPress plugin through 1.5.16 does not escape the prefix parameter before outputting it back in an attribute when using the term_tree AJAX action (available to any authenticated users), leading to a Reflected Cross-Site Scripting issue

 

 >>> Vendor: Bootstrapped 2 Produkty
Wp ultimate recipe
Dynamic widgets


Copyright 2024, cxsecurity.com

 

Back to Top