VYPR
Unrated severityNVD Advisory· Published Sep 10, 2021· Updated May 2, 2025No known patch

MoolaMojo <= 0.7.4.1 Reflected Cross-Site Scripting

CVE-2021-38358

Description

The MoolaMojo WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the classes parameter found in the ~/views/button-generator.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.4.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Mojolicious/Moolamojollm-fuzzy2 versions
    <=0.7.4.1+ 1 more
    • (no CPE)range: <=0.7.4.1
    • (no CPE)range: 0.7.4.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.