5 matches found
CVE-2021-24286
The settings page of the Redirect 404 to parent WordPress plugin before 1.3.1 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue...
CVE-2021-24970
The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue...
EUVD-2021-11556
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...
WordPress plugin 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL. parent WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability...
CVE-2021-24274
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue...