CVE-2021-25010 in Post Snippets Plugin정보

요약

\~에 의해 MITRE • 2022. 02. 28.

The Post Snippets WordPress plugin before 3.1.4 does not have CSRF check when importing files, allowing attacker to make a logged In admin import arbitrary snippets. Furthermore, imported snippers are not sanitised and escaped, which could lead to Stored Cross-Site Scripting issues

If you want to get best quality of vulnerability data, you may have to visit VulDB.

출처

Want to know what is going to be exploited?

We predict KEV entries!