4 matches found
CVE-2021-38336
creationtimestamp| type| source ---|---|--- 2021-09-10 18:31:42+00:00| seen| https://t.me/cibsecurity/28683 2025-05-02 20:16:44+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14593...
CVE-2021-38336
The Edit Comments XT WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /edit-comments-xt.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...
CVE-2021-38336 Edit Comments XT <= 1.0 Reflected Cross-Site Scripting
The Edit Comments XT WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /edit-comments-xt.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...
CVE-2021-38336
CVE-2021-38336 affects the WordPress plugin Edit Comments XT (versions up to and including 1.0). The root cause is a reflected Cross-Site Scripting (XSS) vulnerability caused by a reflected $_SERVER["PHP_SELF"] value in the file ~/edit-comments-xt.php, enabling attackers to inject arbitrary web s...