CVE-2021-38332
The CVE relates to the WordPress plugin “On Page SEO + Whatsapp Chat Button” (versions up to 1.0.1) which is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in settings.php. The underlying flaw enables attackers to inject arbitrary scripts in contexts wh...