Update CVE-2021-24389.yaml

patch-1
Prince Chaddha 2021-07-15 14:30:23 +05:30 committed by GitHub
parent 6a0d2d2b90
commit 799e7109c3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions

View File

@ -4,6 +4,7 @@ info:
name: FoodBakery < 2.2 - Reflected Cross-Site Scripting (XSS) name: FoodBakery < 2.2 - Reflected Cross-Site Scripting (XSS)
author: daffainfo author: daffainfo
severity: medium severity: medium
description: The WP Foodbakery WordPress plugin before 2.2, used in the FoodBakery WordPress theme before 2.2 did not properly sanitize the foodbakery_radius parameter before outputting it back in the response, leading to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability.
reference: https://nvd.nist.gov/vuln/detail/CVE-2021-24389 reference: https://nvd.nist.gov/vuln/detail/CVE-2021-24389
tags: cve,cve2021,wordpress,xss,wp-plugin tags: cve,cve2021,wordpress,xss,wp-plugin