CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25071 – Akismet Privacy Policies <= 2.0.1 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-25071
The WordPress plugin through 2.0.1 does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting El plugin de WordPress versiones hasta 2.0.1, no sanea ni escapa del parámetro translation antes de devolverlo a una página de administración, conllevando a un ataque de tipo Cross-Site Scripting Reflejado The Akismet Privacy Policies WordPress plugin through 2.0.1 does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting • https://wpscan.com/vulnerability/53085936-fa07-4f00-a7dc-bbe98c51320e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •