4 matches found
CVE-2021-24298
The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS...
CVE-2021-24298
The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS...
CVE-2021-24298
The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS...
CVE-2021-24298
CVE-2021-24298 affects WordPress Simple Giveaways plugin versions before 2.36.2. The vulnerability is a reflected XSS in the Giveaway pages caused by unsanitized, unvalidated, and unescaped method and share GET parameters that are echoed back in the page output. Exploitation would allow an attack...