Vulnerabilities > Windyroad

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-14	CVE-2021-39310	Cross-site Scripting vulnerability in Windyroad Real Wysiwyg The Real WYSIWYG WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of PHP_SELF in the ~/real-wysiwyg.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2. network windyroad CWE-79	4.3
2021-09-09	CVE-2021-38319	Cross-site Scripting vulnerability in Windyroad More From Google The More From Google WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/morefromgoogle.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2. network windyroad CWE-79	4.3

Vulnerabilities > Windyroad {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Windyroad"}]}