VYPR
Unrated severityNVD Advisory· Published Apr 5, 2021· Updated Aug 3, 2024

WP File Manager < 7.1 - Reflected Cross-Site Scripting (XSS)

CVE-2021-24177

Description

In the default configuration of the File Manager WordPress plugin before 7.1, a Reflected XSS can occur on the endpoint /wp-admin/admin.php?page=wp_file_manager_properties when a payload is submitted on the User-Agent parameter. The payload is then reflected back on the web application response.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.