2 matches found
CVE-2021-25019
Summary: The WordPress SEO Plugin by Squirrly SEO (WordPress) versions before 11.1.12 are affected by a reflected XSS. The issue arises because the plugin does not escape the type parameter when echoing it back into an admin-page attribute, enabling script execution in the context of the admin in...
CVE-2021-25019 SEO Plugin by Squirrly SEO < 11.1.12 - Reflected Cross-Site Scripting
The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...