Cross site scripting

2021-09-1014:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

32.8%

JSON

The Border Loading Bar WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the f and t parameter found in the ~/titan-framework/iframe-googlefont-preview.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1.

CPENameOperatorVersion
border_loading_barle1.0.1

CPE	Name	Operator	Version
	border_loading_bar	le	1.0.1

References

plugins.trac.wordpress.org/browser/border-loading-bar/trunk/titan-framework/iframe-googlefont-preview.php

www.wordfence.com/vulnerability-advisories/

0.001 Low

EPSS

Percentile

32.8%

JSON

Related for PRION:CVE-2021-38338