Vulnerabilities > CVE-2021-39311 - Unspecified vulnerability in Link-List-Manager Project Link-List-Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The link-list-manager WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the category parameter found in the ~/llm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |