2 matches found
CVE-2021-38330 Yet Another bol.com Plugin <= 1.4 Reflected Cross-Site Scripting
The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /yabp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4...
CVE-2021-38330
The CVE-2021-38330 entry concerns the Yet Another bol.com WordPress plugin. Multiple connected sources confirm a Reflected Cross-Site Scripting (XSS) vulnerability caused by a reflected $_SERVER["PHP_SELF"] value in yabp.php, affecting versions up to and including 1.4. Impact described as the abi...