← volver
CVE-2021-24587

Splash Header < 1.20.8 - Authenticated Stored Cross-Site Scripting (XSS)

EPSS 0.6%CWE-79
The Splash Header WordPress plugin before 1.20.8 doesn't sanitise and escape some of its settings while outputting them in the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue.
Productos afectados
Unknown · Splash Header

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/bb5d94ad-e1ce-44e2-8403-d73fe75a146a