4 matches found
CVE-2021-24908
The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
CVE-2021-24908
The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
CVE-2021-24908 Check & Log Email < 1.0.4 - Reflected Cross-Site Scripting
The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
CVE-2021-24908
The CVE concerns the WordPress plugin Check & Log Email (before version 1.0.4). The vulnerability arises from improper escaping of the d parameter when it is echoed inside an attribute, enabling a Reflected Cross-Site Scripting (XSS) condition. Affected version range is up to 1.0.3; version 1.0.4...