CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wp Fountain Project: >> Wp Fountain >> 1.5.7 Security Vulnerabilities

CVE-2021-34653

The WP Fountain WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/wp-fountain.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.9.

CVSS Score

6.1

EPSS Score

0.002

Published

2021-08-16

Page 1

Vulnerabilities

Vulnerable Software

Wp Fountain Project: >> Wp Fountain >> 1.5.7 Security Vulnerabilities

Products

Pricing

Contact Us