CVE-2021-25012

Summary

The Pz-LinkCard WordPress plugin through 2.4.4.4 does not sanitise and escape multiple parameters before outputting them back in admin dashboard pages, leading to Reflected Cross-Site Scripting issues

Affected Software

VendorProductVersion RangeStatus
UnknownPz-LinkCard2.4.4.4 <= 2.4.4.4affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References