CVE-2021-24789 in Flat Preloader Plugininformazioni

Riassunto

di MITRE • 01/11/2021

The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Prenotare

14/01/2021

Divulgazione

01/11/2021

Moderazione

accettato

CPE

pronto

EPSS

0.00622

KEV

no

Attività

molto basso

Fonti

Want to know what is going to be exploited?

We predict KEV entries!