WordPress Mediumish theme Unauthenticated Reflected XSS & XFS CVE-2021-24316 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

WordPress Mediumish theme Unauthenticated Reflected XSS & XFS CVE-2021-24316 Scanner Detail

Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload.

The search feature of the Mediumish WordPress theme through 1.0.47 does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue.

 

Some Advice for Common Problems

You have to update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service