CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-29171 – All In One WP Security & Firewall <= 4.4.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-29171
Cross-site scripting (XSS) vulnerability in admin/wp-security-blacklist-menu.php in the Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) plugin before 4.4.6 for WordPress. Una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo admin/wp-security-blacklist-menu.php en el plugin Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) versiones anteriores a 4.4.6 para WordPress • https://github.com/Arsenal21/all-in-one-wordpress-security/commit/4130906bc049b195467b4fc6980d6d304fbe28d5 https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •