CVE-2021-34643
16.08.2021, 19:15
The Skaut bazar WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.2.
| Vendor | Product | Version |
|---|---|---|
| skaut-bazar_project | skaut-bazar | 𝑥 ≤ 1.3.2 |
𝑥
= Vulnerable software versions
References