CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39349

The Author Bio Box WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-author-bio-box-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 3.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.8%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

Products affected by CVE-2021-39349

Author Bio Box Project » Author Bio Box » Version: N/A

cpe:2.3:a:author_bio_box_project:author_bio_box:-
Author Bio Box Project » Author Bio Box » Version: 1.0.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.0.0
Author Bio Box Project » Author Bio Box » Version: 1.1.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.1.0
Author Bio Box Project » Author Bio Box » Version: 1.2.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.2.0
Author Bio Box Project » Author Bio Box » Version: 1.3.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.3.0
Author Bio Box Project » Author Bio Box » Version: 1.4.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.4.0
Author Bio Box Project » Author Bio Box » Version: 1.5.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.5.0
Author Bio Box Project » Author Bio Box » Version: 1.6.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.6.0
Author Bio Box Project » Author Bio Box » Version: 1.7.0

cpe:2.3:a:author_bio_box_project:author_bio_box:1.7.0
Author Bio Box Project » Author Bio Box » Version: 1.7.1

cpe:2.3:a:author_bio_box_project:author_bio_box:1.7.1
Author Bio Box Project » Author Bio Box » Version: 2.0.0

cpe:2.3:a:author_bio_box_project:author_bio_box:2.0.0
Author Bio Box Project » Author Bio Box » Version: 3.0.0

cpe:2.3:a:author_bio_box_project:author_bio_box:3.0.0
Author Bio Box Project » Author Bio Box » Version: 3.1.0

cpe:2.3:a:author_bio_box_project:author_bio_box:3.1.0
Author Bio Box Project » Author Bio Box » Version: 3.1.1

cpe:2.3:a:author_bio_box_project:author_bio_box:3.1.1
Author Bio Box Project » Author Bio Box » Version: 3.2.0

cpe:2.3:a:author_bio_box_project:author_bio_box:3.2.0
Author Bio Box Project » Author Bio Box » Version: 3.3.0

cpe:2.3:a:author_bio_box_project:author_bio_box:3.3.0
Author Bio Box Project » Author Bio Box » Version: 3.3.1

cpe:2.3:a:author_bio_box_project:author_bio_box:3.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39349

Products

Pricing

Contact Us