Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-11	CVE-2021-24683	Cross-site Scripting vulnerability in Awplife Weather Effect The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting issue. network low complexity awplife CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.