CVE-2021-24250

State: PUBLISHED · Published: 2021-05-05 · Updated: 2024-08-03 · Assigner: WPScan

Description

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from lack of sanitisation in the label of the Form Fields, leading to Authenticated Stored Cross-Site Scripting issues across various pages of the plugin.

CWE

CWE-79 — CWE-79 Cross-site Scripting (XSS)

Affected

Business Directory Team / Business Directory Plugin – Easy Listing Directories for WordPress — v=5.11.2 <5.11.2 [affected]

CVSS

(none)

References

https://wpscan.com/vulnerability/e23bf712-d891-4df7-99cc-9ef64f19f685 x_refsource_CONFIRM

Source

cvelistV5-main/cves/2021/24xxx/CVE-2021-24250.json