Vulnerabilities > CVE-2021-24350 - Unspecified vulnerability in Bestwebsoft Visitors Online 0.1/0.2/0.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The Visitors WordPress plugin through 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. The plugin would display the user's user agent string without validation or encoding within the WordPress admin panel.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |