Reflected Cross-Site Scripting in Select All Categories and Taxonomies WordPress Plugin (<=1.3.2)

Reflected Cross-Site Scripting in Select All Categories and Taxonomies WordPress Plugin (<=1.3.2)

CVE-2021-24287 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin before 1.3.2 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue

Learn more about our Wordpress Pen Testing.