← volver
CVE-2021-24812

BetterLinks < 1.2.6 - Admin+ Stored Cross-Site Scripting

EPSS 0.6%CWE-79
The BetterLinks WordPress plugin before 1.2.6 does not sanitise and escape some of imported link fields, which could lead to Stored Cross-Site Scripting issues when an admin import a malicious CSV.
Productos afectados
Unknown · BetterLinks – Shorten, Track and Manage any URL

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/6bc8fff1-ff10-4175-8a46-563f0f26f96a