CVE-2021-24468
Leaflet Map < 3.0.0 - Contributor+ Stored XSS
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
02 ago 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues
Productos afectados
Unknown · Leaflet Map