3 matches found
CVE-2021-24446
CVE-2021-24446 affects the WordPress Remove Footer Credit plugin (versions before 1.0.6). The issue is a missing CSRF check when saving settings, enabling a logged-in attacker to induce changes and, due to lack of sanitisation, trigger a Stored XSS. Remedy: upgrade to version 1.0.6 or later. If e...
CVE-2021-25050
The CVE-2021-25050 entry concerns the WordPress Remove Footer Credit plugin (versions before 1.0.11). The vulnerability arises from improper sanitization of the plugin’s settings, enabling stored Cross-Site Scripting (XSS) by high-privilege users even when unfiltered_html is disabled. Affected co...
CVE-2024-32429
CVE-2024-32429 refers to an authenticated, stored cross-site scripting vulnerability in the WordPress plugin Remove Footer Credit (affected: