CVE-2021-46781

CVE-2021-46781: Coming Soon by Supsystic < 1.7.6 - Reflected Cross-Site Scripting

Vendor Unknown
Product Coming Soon by Supsystic
Weakness CWE-79 · XSS
Published April 25, 2022
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

Key dates

02Disclosure timeline

April 25, 2022 CVE published
August 4, 2024 Record updated