Image Hover Effects Ultimate < 9.7.1 - Reflected Cross-Site Scripting. The plugin does not escape the effects parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
Prion | Cross site scripting | 24 Jan 202208:15 | – | prion |
wpexploit | Image Hover Effects Ultimate < 9.7.1 - Reflected Cross-Site Scripting | 27 Dec 202100:00 | – | wpexploit |
Patchstack | WordPress Image Hover Effects Ultimate plugin <= 9.7.0 - Reflected Cross-Site Scripting (XSS) vulnerability | 27 Dec 202100:00 | – | patchstack |
NVD | CVE-2021-25031 | 24 Jan 202208:15 | – | nvd |
Cvelist | CVE-2021-25031 Image Hover Effects Ultimate < 9.7.1 - Reflected Cross-Site Scripting | 24 Jan 202208:01 | – | cvelist |
CVE | CVE-2021-25031 | 24 Jan 202208:15 | – | cve |
Source | Link |
---|---|
plugins | www.plugins.trac.wordpress.org/changeset/2648086 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo