The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2021-46781 | The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting |
Assigned (20220402) | MISC:https://wpscan.com/vulnerability/49589867-f764-4c4a-b640-84973c673b23 | URL:https://wpscan.com/vulnerability/49589867-f764-4c4a-b640-84973c673b23 |
Page created: