CVE-2021-38332
The On Page SEO + Whatsapp Chat Button Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER[“PHP_SELF”] value in the ~/settings.php file which allows attackers to inject...
Read MoreAuthor: Cyberthreat Blog
CVE-2021-38330
The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER[“PHP_SELF”] value in the ~/yabp.php file which allows attackers to inject arbitrary web...
Read MoreCVE-2021-38331
The WP-T-Wap WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the posted parameter found in the ~/wap/writer.php file which allows attackers to inject arbitrary web scripts, in versions up to and including...
Read MoreCVE-2021-38329
The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER[“PHP_SELF”] value in the ~/dj-email-publish.php file which allows attackers to inject arbitrary web...
Read MoreCVE-2021-38347
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the ~/views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and...
Read More