2 matches found
CVE-2021-38341
creationtimestamp| type| source ---|---|--- 2021-09-10 18:30:44+00:00| seen| https://t.me/cibsecurity/28664 2025-05-02 20:16:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14587...
CVE-2021-38341
The CVE pertains to the WooCommerce Payment Gateway Per Category WordPress plugin (≤ 2.0.10) and describes a Reflected Cross‑Site Scripting flaw. The root cause is a reflected value in $_SERVER["PHP_SELF"] used by the plugin in includes/plugin_settings.php, enabling injection of arbitrary scripts...