CVE-2021-24975
N/A
N/A
Summary
The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting issue
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | NextScripts: Social Networks Auto-Poster | 4.3.24 < 4.3.24 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
- https://wpscan.com/vulnerability/b99dae3d-8230-4427-adc5-4ef9cbfb8ba1
- https://plugins.trac.wordpress.org/changeset/2650138
References
- https://wpscan.com/vulnerability/b99dae3d-8230-4427-adc5-4ef9cbfb8ba1
- https://plugins.trac.wordpress.org/changeset/2650138
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.