Posted by Gaetano Perrone on Jan 02

Hello, today I disclosed the CVE-2021-25080 vulnerability. Here attached
technical information:

# References:
* https://wpscan.com/vulnerability/acd3d98a-aab8-49be-b77e-e8c6ede171ac
*
https://secsi.io/blog/cve-2021-25080-finding-cross-site-scripting-vulnerabilities-in-headers/

# Description:
WordPress before 5.2.3 allows XSS in post previews by authenticated users.

# Technical Details and Exploitation:
CRM Form Entries CRM is vulnerable to a…
Read More – Full Disclosure


By |2022-01-02T23:20:36-05:00January 2nd, 2022|