The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2021-10-11T10:45:39
Updated: 2024-08-03T19:42:16.085Z
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24683
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-10-11T11:15:09.060
Modified: 2024-11-21T05:53:33.440
Link: CVE-2021-24683
Redhat
No data.