HomePentest-Tools.com Logo

Easy Social Feed < 6.2.7 - Cross-Site Scripting CVE-2021-25120

Severity
CVSSv3 Score
6.1
Vulnerability description

Easy Social Feed < 6.2.7 is susceptible to reflected cross-site scripting because the plugin does not sanitize and escape a parameter before outputting it back in an admin dashboard page, leading to it being executed in the context of a logged admin or editor.

Risk description

No risk description to display.

Recommendation

Update to Easy Social Feed version 6.2.7 or later to mitigate the vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Apr 18, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available