4 matches found
CVE-2021-38323
The RentPress WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the /src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.6.4...
CVE-2021-38323 RentPress <= 6.6.4 Reflected Cross-Site Scripting
The RentPress WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the /src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.6.4...
WordPress 插件跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin RentPress versions prior to 6.6.4, which stems...
RentPress <= 6.6.4 - Reflected Cross-Site Scripting
The plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the /src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts...