Vulnerabilities > Getastra
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-21 | CVE-2021-24372 | Cross-site Scripting vulnerability in Getastra WP Hardening The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue. | 6.1 |
2021-06-21 | CVE-2021-24373 | Cross-site Scripting vulnerability in Getastra WP Hardening The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflected Cross-Site Scripting issue. | 6.1 |