3 matches found
CVE-2021-34634
The Nifty Newsletters WordPress plugin is vulnerable to Cross-Site Request Forgery via the solanlwphead function found in the /sola-newsletters.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.23...
CVE-2021-34634
The CVE concerns the WordPress plugin Nifty Newsletters (versions up to 4.0.23). A Cross-Site Request Forgery flaw in the sola_nl_wp_head function (sola-newsletters.php) allows attackers to inject arbitrary scripts, with the vulnerability described as enabling Stored XSS. The umbrella details in ...
CVE-2021-34634 Nifty Newsletters <= 4.0.23 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Nifty Newsletters WordPress plugin is vulnerable to Cross-Site Request Forgery via the solanlwphead function found in the /sola-newsletters.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.23...