The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross-Site Scripting issues
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/0ad020b5-0d16-4521-8ea7-39cd206ab9f6 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-04-18T17:10:26
Updated: 2022-04-18T17:10:26
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-25120
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-18T18:15:08.127
Modified: 2022-04-25T16:42:42.793
Link: CVE-2021-25120
JSON object: View
Redhat Information
No data.
CWE