04 Avr 2022
Vulnérabilité CVE-2021-25113 CVE Vulnerability
The Dropdown Menu Widget WordPress plugin through 1.9.7 does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them. Due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues (CVSS:0.0) (Last Update:2022-04-04)
Vulnerability Details : The Dropdown Menu Widget WordPress plugin through 1.9.7 does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them. Due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues Publish Date : 2022-04-04 Last Update Date : 2022-04-04 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-25113
- References For CVE-2021-25113
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-25113There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |