Lucene search
PRIOn knowledge basePRION:CVE-2021-38356HistoryNov 01, 2021 - 9:15 p.m.
Cross site scripting
2021-11-0121:15:00
PRIOn knowledge base
www.prio-n.com
1
0.001 Low
EPSS
Percentile
34.0%
The NextScripts: Social Networks Auto-Poster <= 4.3.20 WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $_REQUEST[‘page’] parameter which is echoed out on inc/nxs_class_snap.php by supplying the appropriate value ‘nxssnap-post’ to load the page in $_GET[‘page’] along with malicious JavaScript in $_POST[‘page’].
| CPE | Name | Operator | Version |
|---|---|---|---|
| social_networks_auto_poster | le | 4.3.20 |
Related
cve
cve
CVE-2021-38356
2021-11-28 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2021-38356
2021-11-01 21:15:07
packetstorm
packetstorm
WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS
2021-10-29 00:00:00
zdt
zdt
WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS Vulnerability
2021-10-31 00:00:00
wordfence
wordfence
wpvulndb
wpvulndb
openvas
openvas
WordPress Social Networks Auto-Poster Plugin < 4.3.21 XSS Vulnerability
2021-11-16 00:00:00