3 matches found
CVE-2021-34653
The WP Fountain WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /wp-fountain.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.9...
CVE-2021-34653 WP Fountain <= 1.5.9 Reflected Cross-Site Scripting
The WP Fountain WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /wp-fountain.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.9...
CVE-2021-34653
The CVE-2021-34653 entry pertains to the WordPress plugin WP Fountain, with vulnerability in versions up to and including 1.5.9. It is a Reflected Cross-Site Scripting (XSS) flaw caused by using $_SERVER['PHP_SELF'] in wp-fountain.php, enabling injection of arbitrary scripts. The connected source...