CVE-2021-24437

CVE-2021-24437

The Favicon by RealFaviconGenerator WordPress plugin through 1.3.20 does not sanitise or escape one of its parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting (XSS) which is executed in the context of a logged administrator.

Source: CVE-2021-24437

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다