Vulnerabilities > CVE-2021-24287 - Unspecified vulnerability in Mooveagency Select ALL Categories and Taxonomies, Change Checkbox to Radio Buttons
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin before 1.3.2 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue
Vulnerable Configurations
References
- http://packetstormsecurity.com/files/164327/WordPress-Select-All-Categories-And-Taxonomies-1.3.1-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/164327/WordPress-Select-All-Categories-And-Taxonomies-1.3.1-Cross-Site-Scripting.html
- https://wpscan.com/vulnerability/56e1bb56-bfc5-40dd-b2d0-edef43d89bdf
- https://wpscan.com/vulnerability/56e1bb56-bfc5-40dd-b2d0-edef43d89bdf