Lucene search
Krzysztof ZającPATCHSTACK:180D17B868B2932F7169EE6CD392A0F7HistoryMar 14, 2022 - 12:00 a.m.
WordPress Dropdown Menu Widget plugin <= 1.9.7 - Arbitrary Settings Update leading to Stored Cross-Site Scripting (XSS) vulnerability
2022-03-1400:00:00
Krzysztof Zając
patchstack.com
19
wordpress
dropdown menu
widget
plugin
arbitrary settings update
stored cross-site scripting
xss
vulnerability
krzysztof zając
deactivate
delete
closure
review
EPSS
0.001
Percentile
24.8%
Arbitrary Settings Update leading to Stored Cross-Site Scripting (XSS) vulnerability discovered by Krzysztof Zając in WordPress Dropdown Menu Widget plugin (versions <= 1.9.7).
Solution
Deactivate and delete. This plugin has been closed as of March 7, 2022 and is not available for download. This closure is temporary, pending a full review.
Related
cve
cve
CVE-2021-25113
2022-04-04 16:15:08
wpexploit
wpexploit
wpvulndb
wpvulndb
prion
prion
Cross site scripting
2022-04-04 16:15:00
cvelist
cvelist
nvd
nvd
CVE-2021-25113
2022-04-04 16:15:08