{"id":"CVE-2021-4252","details":"A vulnerability, which was classified as problematic, has been found in WP-Ban. This issue affects the function toggle_checkbox of the file ban-options.php. The manipulation of the argument $_SERVER[\"HTTP_USER_AGENT\"] leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76. It is recommended to apply a patch to fix this issue. The identifier VDB-216209 was assigned to this vulnerability.","modified":"2026-03-14T11:15:15.878469Z","published":"2022-12-18T22:15:10.243Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.216209"},{"type":"FIX","url":"https://github.com/lesterchan/wp-ban/commit/13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76"},{"type":"FIX","url":"https://github.com/lesterchan/wp-ban/pull/11"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/lesterchan/wp-ban","events":[{"introduced":"0"},{"fixed":"13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76"}]},{"type":"GIT","repo":"https://github.com/lesterchan/wp-ban","events":[{"introduced":"0"},{"fixed":"13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2021-11-24"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4252.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}