CVE-2021-38351
The CVE-2021-38351 entry concerns the WordPress OSD Subscribe plugin (versions up to and including 1.2.3). The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw via the osd_subscribe_message parameter in the file ~/options/osd_subscribe_options_subscribers.php, allowing an attacker to ...