0.001 Low
EPSS
Percentile
26.4%
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Thinkland Security Team in WordPress HAL plugin (versions <= 2.1.1).
Update the WordPress HAL plugin to the latest available version (at least 2.2).
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39345
wordpress.org/plugins/hal/
www.wordfence.com/vulnerability-advisories/