CVE-2021-25058 The Buffer Button <= 1.0 - Authenticated Stored Cross Site Scripting (XSS)

2022-02-2110:45:45

CWE-79

WPScan

www.cve.org

0.001 Low

EPSS

Percentile

24.8%

JSON

The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting (XSS) within the Twitter username to mention text field.

CNA Affected

[
  {
    "product": "The Buffer Button",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThanOrEqual": "1.0",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  }
]

References

wpscan.com/vulnerability/fd5271ef-1da5-4d09-888e-f1fd71820cde

0.001 Low

EPSS

Percentile

24.8%

JSON

Related for CVELIST:CVE-2021-25058