CVE-2021-24648

The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rmsearchvalue parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting...

WordPress plugin 跨站脚本漏洞

WordPress is a set of blogging platform developed by the WordPress Foundation using the PHP language. cross-site scripting vulnerability exists in the Wordpress RegistrationMagic Plugin, which stems from the product's rmsearchvalue function not doing effective processing of special characters in...