XSS Vulnerabilities in JPress v3.3.0 and Below: Template and Tag Management Modules

XSS Vulnerabilities in JPress v3.3.0 and Below: Template and Tag Management Modules

CVE-2021-33347 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur.

Learn more about our Web Application Penetration Testing UK.