CVE-2021-25120
N/A
N/A
Summary
The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross-Site Scripting issues
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Easy Social Feed Pro | 6.2.7 < 6.2.7 | affected |
| Unknown | Easy Social Feed – Social Photos Gallery – Post Feed – Like Box | 6.2.7 < 6.2.7 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.