CVE-2021-24895 in Cybersoldier Plugininformação

Sumário

de MITRE • 14/03/2022

The Cybersoldier WordPress plugin before 1.7.0 does not sanitise and escape the URL settings before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservar

14/01/2021

Divulgação

14/03/2022

Moderação

aceite

Entrada

VDB-194879

CPE

pronto

EPSS

0.00588

KEV

não

Atividades

muito baixo

Fontes

Want to stay up to date on a daily basis?

Enable the mail alert feature now!