RSS   Podatności dla 'Pixel cat'   RSS

2021-12-13
 
CVE-2021-24922

CWE-352
 

 
The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks

 
 
CVE-2021-24972

CWE-79
 

 
The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

 

 >>> Vendor: Fatcatapps 2 Produkty
Pixel cat
Easy pricing tables


Copyright 2024, cxsecurity.com

 

Back to Top