CVE-2021-24235

The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.
Configurations

Configuration 1

cpe:2.3:a:boostifythemes:goto:*:*:*:*:*:wordpress:*:*

Information

Published : 2021-04-22 09:15

Updated : 2021-04-29 07:06


NVD link : CVE-2021-24235

Mitre link : CVE-2021-24235

Products Affected
No products.
CWE