CVE-2021-24319

Summary

The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise its post_excerpt parameter before outputting it back in the shop/my-account/bello-listing-endpoint/ page, leading to a Cross-Site Scripting issue

Affected Software

VendorProductVersion RangeStatus
BoldThemesBello - Directory & Listing1.6.0 < 1.6.0affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References