Vulnerabilities > CVE-2021-24937 - Unspecified vulnerability in Asset Cleanup: Page Speed Booster Project Asset Cleanup: Page Speed Booster
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacu_selected_sub_tab_area parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting issue
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 132 |