mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-10 07:47:42 +02:00
0xMarcio
955 B
955 B
CVE-2021-24136
&color=brighgreen)
Description
Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters: - Author - Job Title - Location - Company - Email - URL
POC
Reference
- https://wpscan.com/vulnerability/537ee410-3833-4e88-9d4a-ee3c72b44ca1
- https://wpscan.com/vulnerability/537ee410-3833-4e88-9d4a-ee3c72b44ca1
Github
No PoCs found on GitHub currently.