CVE-2021-24812
N/A
N/A
Summary
The BetterLinks WordPress plugin before 1.2.6 does not sanitise and escape some of imported link fields, which could lead to Stored Cross-Site Scripting issues when an admin import a malicious CSV.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | BetterLinks – Shorten, Track and Manage any URL | 1.2.6 < 1.2.6 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.