2 matches found
CVE-2021-46782
The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting...
WordPress Contact Form 7 Skins plugin 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. WordPress Contact Form 7 Skins plugin in version 2.5.0 and earlier has a cross-site scripting vulnerability that stems from the tab parameter not being escaped before being output to the admin...