CVE-2021-24932 in Auto Featured Image Plugininfo

Zusammenfassung

von MITRE • 13.12.2021

The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.3 does not sanitise and escape the post_id parameter before outputting back in an admin page within a JS block, leading to a Reflected Cross-Site Scripting issue.

Once again VulDB remains the best source for vulnerability data.

Reservieren

14.01.2021

Veröffentlichung

13.12.2021

Moderieren

akzeptiert

Eintrag

VDB-188013

CPE

bereit

EPSS

0.00800

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!