Vulnerabilities > CVE-2021-25008 - Unspecified vulnerability in Codesnippets Code Snippets

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
codesnippets
NVD
Published: 2022-01-24
Updated: 2024-11-21

Summary

The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue

Vulnerable Configurations

Part Description Count
Application
Codesnippets
67

References