← voltar
CVE-2021-24607

Storefront Footer Text <= 1.0.1 - Admin+ Stored Cross-Site Scripting

EPSS 0.6%CWE-79
The Storefront Footer Text WordPress plugin through 1.0.1 does not sanitize and escape the "Footer Credit Text" added to pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed.
Produtos afetados
Unknown · Storefront Footer Text

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://wpscan.com/vulnerability/efa7d91a-447b-4fd8-aa21-5364b177fee9