3 matches found
CVE-2021-38359
creationtimestamp| type| source ---|---|--- 2021-09-10 18:31:26+00:00| seen| https://t.me/cibsecurity/28679...
CVE-2021-38359 WordPress InviteBox Plugin <= 1.4.1 Reflected Cross-Site Scripting
The WordPress InviteBox Plugin for viral Refer-a-Friend Promotions WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the message parameter found in the /admin/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.1...
CVE-2021-38359
The CVE refers to the WordPress InviteBox Plugin for viral Refer-a-Friend Promotions. Affected component: admin.php of the plugin (~/admin/admin.php). Root cause: Reflected Cross-Site Scripting via the message parameter, with improper input handling enabling injection of arbitrary scripts. Affect...