Security Advisory

CVE-2021-24389

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-06 11:03:30
Last updated 2024-08-03 19:28:23
Assigner WPScan
State PUBLISHED

Description

The WP Foodbakery WordPress plugin before 2.2, used in the FoodBakery WordPress theme before 2.2 did not properly sanitize the foodbakery_radius parameter before outputting it back in the response, leading to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability.