WordPress WHMCS Bridge plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress WHMCS Bridge plugin has a cross-site scripting vulnerability that allows an attacker to...

CVE-2021-4074

The WHMCS Bridge WordPress plugin is vulnerable to Stored Cross-Site Scripting via the ccwhmcsbridgeurl parameter found in the /whmcs-bridge/bridgecp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.1. Due to missing authorization checks on the...

CVE-2021-4074 WHMCS Bridge <= 6.1 Subscriber+ Stored Cross-Site Scripting

The WHMCS Bridge WordPress plugin is vulnerable to Stored Cross-Site Scripting via the ccwhmcsbridgeurl parameter found in the /whmcs-bridge/bridgecp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.1. Due to missing authorization checks on the...