CVE-2021-25019

Summary

The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

Affected Software

VendorProductVersion RangeStatus
UnknownSEO Plugin by Squirrly SEO11.1.12 < 11.1.12affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References