2 matches found
CVE-2021-25012
CVE-2021-25012 affects the WordPress Pz-LinkCard plugin up to version 2.4.4.4. The root cause is failure to sanitise/escape multiple parameters before returning them in admin dashboard pages, resulting in Reflected Cross-Site Scripting (XSS). Impact is reflected XSS in admin UI where untrusted in...
CVE-2021-25012 Pz-LinkCard <= 2.4.4.4 - Reflected Cross-Site Scripting
The Pz-LinkCard WordPress plugin through 2.4.4.4 does not sanitise and escape multiple parameters before outputting them back in admin dashboard pages, leading to Reflected Cross-Site Scripting issues...