4 matches found
CVE-2021-24432
The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'termid' POST parameter before outputting it in the page, leading to reflected Cross-Site Scripting issue...
CVE-2021-24432 Advanced AJAX Product Filters < 1.5.4.7 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'termid' POST parameter before outputting it in the page, leading to reflected Cross-Site Scripting issue...
CVE-2021-24432 Advanced AJAX Product Filters < 1.5.4.7 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'termid' POST parameter before outputting it in the page, leading to reflected Cross-Site Scripting issue...
CVE-2021-24432
The CVE-2021-24432 entry relates to the WordPress plugin Advanced AJAX Product Filters. The connected documents confirm a vulnerability in the br_aapf_get_child AJAX action where the POST parameter term_id is not sanitized before being output, causing unauthenticated reflected XSS. Affected versi...