CVE-2021-38336
CVE-2021-38336 affects the WordPress plugin Edit Comments XT (versions up to and including 1.0). The root cause is a reflected Cross-Site Scripting (XSS) vulnerability caused by a reflected $_SERVER["PHP_SELF"] value in the file ~/edit-comments-xt.php, enabling attackers to inject arbitrary web s...