CVE-2021-24888

ImageBoss < 3.0.6 - Admin+ Stored Cross-Site Scripting

EPSS 0.7%CWE-79

The ImageBoss WordPress plugin before 3.0.6 does not sanitise and escape its Source Name setting, which could allow high privilege users to perform Cross-Site Scripting attacks

Produtos afetados

Unknown · ImageBoss – Images Up To 60% Smaller & CDN

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://wpscan.com/vulnerability/19bffa71-705c-42fc-b2ca-bf62fabb70a0