ID CVE-2021-24683
Summary The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting issue.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 11-10-2021 - 11:15
Published 11-10-2021 - 11:15
Last modified 11-10-2021 - 11:15
Back to Top