A vulnerability, which was classified as problematic, has been found in WP-Ban. This issue affects the function toggle_checkbox of the file ban-options.php. The manipulation of the argument $_SERVER["HTTP_USER_AGENT"] leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76. It is recommended to apply a patch to fix this issue. The identifier VDB-216209 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/lesterchan/wp-ban/commit/13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76 | Patch Third Party Advisory |
https://github.com/lesterchan/wp-ban/pull/11 | Patch Third Party Advisory |
https://vuldb.com/?id.216209 | Third Party Advisory |
Configurations
History
07 Nov 2023, 03:40
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 |
22 Dec 2022, 19:26
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
References | (N/A) https://github.com/lesterchan/wp-ban/commit/13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76 - Patch, Third Party Advisory | |
References | (N/A) https://github.com/lesterchan/wp-ban/pull/11 - Patch, Third Party Advisory | |
References | (N/A) https://vuldb.com/?id.216209 - Third Party Advisory | |
CPE | cpe:2.3:a:wp-ban_project:wp-ban:*:*:*:*:*:wordpress:*:* | |
First Time |
Wp-ban Project
Wp-ban Project wp-ban |
18 Dec 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-18 22:15
Updated : 2023-12-10 14:48
NVD link : CVE-2021-4252
Mitre link : CVE-2021-4252
CVE.ORG link : CVE-2021-4252
JSON object : View
Products Affected
wp-ban_project
- wp-ban
CWE
CWE-707
Improper Neutralization