QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2021-24320

Back to search

CVE-2021-24320

Published: Jun 1, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise and escape its listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value, bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameter in ints listing page, leading to reflected Cross-Site Scripting issues.

VendorProductVersions

BoldThemes

Bello - Directory & Listing

affected
1.6.0 - < 1.6.0

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now