The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2021-04-22T21:00:50
Updated: 2024-08-03T19:21:18.713Z
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24235
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-22T21:15:09.730
Modified: 2024-11-21T05:52:39.400
Link: CVE-2021-24235
Redhat
No data.