Medium severity4.7NVD Advisory· Published Dec 13, 2021· Updated Jun 17, 2026
CVE-2021-42549
CVE-2021-42549
Description
Insufficient Input Validation in the search functionality of Wordpress plugin Lets-Box prior to 1.15.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.
Affected products
2- WP Cloud Plugins/Lets-Boxv5Range: unspecified
Patches
Vulnerability mechanics
References
1- www.wpcloudplugins.com/wp-content/plugins/lets-box/_documentation/index.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.