CVE-2021-24596 in youForms Pluginالمعلومات

الملخص

بحسب MITRE • 20/09/2021

The youForms for WordPress plugin through 1.0.5 does not sanitise escape the Button Text field of its Templates, allowing high privilege users (editors and admins) to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

14/01/2021

إفشاء

20/09/2021

الاعتدال

تمت الموافقة

إدخال

VDB-182928

EPSS

0.02666

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!