3 matches found
CVE-2021-38330
The CVE-2021-38330 entry concerns the Yet Another bol.com WordPress plugin. Multiple connected sources confirm a Reflected Cross-Site Scripting (XSS) vulnerability caused by a reflected $_SERVER["PHP_SELF"] value in yabp.php, affecting versions up to and including 1.4. Impact described as the abi...
CVE-2021-38330 Yet Another bol.com Plugin <= 1.4 Reflected Cross-Site Scripting
The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /yabp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4...
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin Yet Another bol.com, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to...