| |
Vulnerability CVE-2021-24488
Published: 2021-08-02
Description: |
The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues |
See advisories in our WLB2 database: | Topic | Author | Date |
Low |
| 0xB9 | 04.02.2022 |
Low |
| 0xB9 | 14.02.2022 |
Type:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://wpscan.com/vulnerability/1fc0aace-ba85-4939-9007-d150960add4a
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|