Descrição
The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2021-25115
Tags
Nâo informado
Data de publicação
14/02/2022
Última atualização
11/03/2022
Pontuação em CVSS 3.0
6.4
Médio