CVE-2021-25112

Summary

The WHMCS Bridge WordPress plugin before 6.4b does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting

Affected Software

VendorProductVersion RangeStatus
UnknownWHMCS Bridge6.4b < 6.4baffected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References