Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2021-27802
Disclosure Date: April 29, 2021 (last updated November 08, 2023)
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-24177. Reason: This candidate is a duplicate of CVE-2021-24177. Notes: All CVE users should reference CVE-2021-24177 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
0
Attacker Value
Unknown
CVE-2021-24177
Disclosure Date: April 05, 2021 (last updated November 28, 2024)
In the default configuration of the File Manager WordPress plugin before 7.1, a Reflected XSS can occur on the endpoint /wp-admin/admin.php?page=wp_file_manager_properties when a payload is submitted on the User-Agent parameter. The payload is then reflected back on the web application response.
0