First published: Mon Jan 24 2022(Updated: )
The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue
Credit: contact@wpscan.com
Affected Software | Affected Version | How to fix |
---|---|---|
Codesnippets Code Snippets | <2.14.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.