What the vulnerability does
01Description
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3811
MEDIUM
CVE-2021-3811: Cross-site Scripting (XSS) - Reflected in pi-hole/adminlte
CVSS base score
6.7/10
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
September 17, 2021
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-54729 WordPress Webba Booking Plugin <= 6.0.5 - Cross Site Scripting (XSS) Vulnerability
CVE-2024-51710 WordPress Responsive Data Table plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-48162 WordPress Simple Business Directory Pro <= 15.5.1 - Cross Site Scripting (XSS) Vulnerability
CVE-2024-3793 Cross-site Scripting vulnerability in WBSAirback
CVE-2025-43794
