Lucene search
WPScanCVELIST:CVE-2021-25078HistoryJan 24, 2022 - 8:01 a.m.
CVE-2021-25078 Affiliates Manager < 2.9.0 - Unauthenticated Stored Cross-Site Scripting
2022-01-2408:01:25
CWE-79
WPScan
raw.githubusercontent.com
1
The Affiliates Manager WordPress plugin before 2.9.0 does not validate, sanitise and escape the IP address of requests logged by the click tracking feature, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admin viewing the tracked requests.
Related
wpvulndb
wpvulndb
Affiliates Manager < 2.9.0 - Unauthenticated Stored Cross-Site Scripting
2021-12-24 00:00:00
cve
cve
CVE-2021-25078
2022-01-24 08:15:00
openvas
openvas
WordPress Affiliates Manager Plugin < 2.9.0 XSS Vulnerability
2023-02-17 00:00:00
nuclei
nuclei
Affiliates Manager < 2.9.0 - Cross Site Scripting
2023-04-21 08:56:01
prion
prion
Cross site scripting
2022-01-24 08:15:00
cnvd
cnvd
wpexploit
wpexploit
Affiliates Manager < 2.9.0 - Unauthenticated Stored Cross-Site Scripting
2021-12-24 00:00:00