A vulnerability, which was classified as problematic, has been found in WP-Ban. This issue affects the function toggle_checkbox of the file ban-options.php. The manipulation of the argument $_SERVER["HTTP_USER_AGENT"] leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76. It is recommended to apply a patch to fix this issue. The identifier VDB-216209 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/lesterchan/wp-ban/commit/13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76 | Patch Third Party Advisory |
https://github.com/lesterchan/wp-ban/pull/11 | Patch Third Party Advisory |
https://vuldb.com/?id.216209 | Third Party Advisory |
https://github.com/lesterchan/wp-ban/commit/13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76 | Patch Third Party Advisory |
https://github.com/lesterchan/wp-ban/pull/11 | Patch Third Party Advisory |
https://vuldb.com/?id.216209 | Third Party Advisory |
Configurations
History
21 Nov 2024, 06:37
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.5 |
References | () https://github.com/lesterchan/wp-ban/commit/13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76 - Patch, Third Party Advisory | |
References | () https://github.com/lesterchan/wp-ban/pull/11 - Patch, Third Party Advisory | |
References | () https://vuldb.com/?id.216209 - Third Party Advisory |
07 Nov 2023, 03:40
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 |
Information
Published : 2022-12-18 22:15
Updated : 2024-11-21 06:37
NVD link : CVE-2021-4252
Mitre link : CVE-2021-4252
CVE.ORG link : CVE-2021-4252
JSON object : View
Products Affected
wp-ban_project
- wp-ban
CWE
CWE-707
Improper Neutralization