← Back

About Author Box

about_author_box

Vendor: Wpkube • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24745
1Wpkube
1About Author Box
Jun 17, 2026
Nov 29, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The About Author Box WordPress plugin before 1.0.2 does not sanitise and escape the Social Profiles field values before outputting them in attributes, which could allow user with a role as low as contributor to perform C...Show more
The About Author Box WordPress plugin before 1.0.2 does not sanitise and escape the Social Profiles field values before outputting them in attributes, which could allow user with a role as low as contributor to perform Cross-Site Scripting attacks.Show less