Security Advisory

CVE-2021-24953

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-07 08:16:09
Last updated 2024-08-03 19:49:14
Assigner WPScan
State PUBLISHED

Description

The Advanced iFrame WordPress plugin before 2022 does not sanitise and escape the ai_config_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue