Vulnerabilities > CVE-2021-25044 - Unspecified vulnerability in Premium-Themes Cryptocurrency Pricing List and Ticker

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
premium-themes
NVD
Published: 2022-10-10
Updated: 2024-11-21

Summary

The Cryptocurrency Pricing list and Ticker WordPress plugin through 1.5 does not sanitise and escape the ccpw_setpage parameter before outputting it back in pages where its shortcode is embed, leading to a Reflected Cross-Site Scripting issue

Vulnerable Configurations

Part Description Count
Application
Premium-Themes
6

References