3 matches found
Cooked < 1.7.9.1- Unauthenticated Reflected Cross-Site Scripting (XSS)
The plugin was vulnerable to Unauthenticated Reflected Cross-Site Scripting XSS. For clarification, this vulnerability is separate to the similar vulnerability CVE-2021-24233. PoC The PoC will be displayed once the issue has been remediated...
CVE-2021-24233 Cooked Pro < 1.7.5.6 - Unauthenticated Reflected Cross Site Scripting (XSS)
The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an arbitrary attribute...
CVE-2021-24233
CVE-2021-24233 affects the Cooked Pro WordPress plugin prior to 1.7.5.6. The vulnerability is an unauthenticated reflected Cross-Site Scripting (XSS) due to improper sanitisation of user input, which is echoed back in pages as an arbitrary attribute. Impacted behavior could enable an attacker to ...