VYPR
Medium severity4.7NVD Advisory· Published Dec 13, 2021· Updated Jun 17, 2026

CVE-2021-42549

CVE-2021-42549

Description

Insufficient Input Validation in the search functionality of Wordpress plugin Lets-Box prior to 1.15.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.

Affected products

2
  • Range: <1.15.3
  • WP Cloud Plugins/Lets-Boxv5
    Range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.