2 matches found
CVE-2021-4252 WP-Ban ban-options.php toggle_checkbox cross site scripting
A vulnerability, which was classified as problematic, has been found in WP-Ban. This issue affects the function togglecheckbox of the file ban-options.php. The manipulation of the argument $SERVER"HTTPUSERAGENT" leads to cross site scripting. The attack may be initiated remotely. The name of the...
CVE-2021-4252
CVE-2021-4252 affects the WordPress WP-Ban plugin, specifically the function toggle_checkbox in ban-options.php. The issue arises from manipulating the request header value $_SERVER["HTTP_USER_AGENT"], enabling cross-site scripting. The vulnerability can potentially be initiated remotely. A patch...