Security Advisory

CVE-2021-24196

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-05 18:27:45

Last updated 2024-08-03 19:21:18

Assigner WPScan

State PUBLISHED

Description

The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘token_error’ parameter can be controlled by users and it is directly echoed without being sanitized

← Browse all CVEs View on cve.org ↗