API Monitor free
arrow right To plugin page
Verified
Fixed

WordPress WP-Appbox plugin <= 4.3.20 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

3.4
CVSS 3.1 score Low severity
Monitoring Coming soon

Find out about vulnerable plugins in your websites for free.

Scan your website arrow right
Software
WP-Appbox
Type
Plugin
Vulnerable versions
<= 4.3.20
Fixed in
4.4.0
PSID
af034122ac9d
Classification
Cross Site Scripting (XSS)
OWASP Top 10
A7: Cross-Site Scripting (XSS)
Required privilege
Requires high role user authentication like admin.
Credits
Publicly disclosed
2022-04-05

Details

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by mirphak (Patchstack Alliance) in WordPress WP-Appbox plugin (versions <= 4.3.20).

Solution

Update the WordPress WP-Appbox plugin to the latest available version (at least 4.4.0).

References

CVE-2021-36910 Plugin page

Other known vulnerabilities for WP-Appbox

Submit vulnerabilities and become a verified Alliance member

Learn more

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close