WordPress plugin cross-site scripting vulnerability (CNVD-2021-100234)

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin WP Scrippets 1.5.1 and earlier versions, which stems from a lack of valid validation and escaping of the $SERVER"PHPSELEF" value in /wp-scrippets. An attacker...

CVE-2021-38333

The WP Scrippets WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /wp-scrippets.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.1...

CVE-2021-38333

The CVE-2021-38333 entry refers to the WP Scrippets WordPress plugin. A Reflected Cross-Site Scripting (XSS) vulnerability exists due to a reflected $_SERVER["PHP_SELF"] value in ~/wp-scrippets.php, enabling injection of arbitrary web scripts. Affected versions are up to and including 1.5.1. CVSS...

CVE-2021-38333 WP Scrippets <= 1.5.1 Reflected Cross-Site Scripting

The WP Scrippets WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /wp-scrippets.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.1...

WordPress WP Scrippets plugin <= 1.5.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress WP Scrippets plugin versions = 1.5.1. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...