2 matches found
CVE-2021-38347 Custom Website Data <= 2.2 Reflected Cross-Site Scripting
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
CVE-2021-38347
CVE-2021-38347 concerns the WordPress plugin Custom Website Data (<= 2.2). The vulnerability is a Reflected Cross-Site Scripting (XSS) via the id parameter in the file ~/views/edit.php, enabling an attacker to inject arbitrary web scripts. Affected release range is up to and including 2.2. NVD...