Security Advisory

CVE-2021-24235

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-22 21:00:50

Last updated 2024-08-03 19:21:18

Assigner WPScan

State PUBLISHED

Description

The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.

← Browse all CVEs View on cve.org ↗