CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-06-02 07:51:39 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ef999830cefac409bd2be04bf317a47573d9dfe5
CVEs-PoC/2021/CVE-2021-24241.md
T
0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00

870 B
Raw Blame History

CVE-2021-24241

Description

The Advanced Custom Fields Pro WordPress plugin before 5.9.1 did not properly escape the generated update URL when outputting it in an attribute, leading to a reflected Cross-Site Scripting issue in the update settings page.

POC

Reference

Github

No PoCs found on GitHub currently.

Reference in New Issue View Git Blame Copy Permalink