{"id":78538,"date":"2026-05-16T18:56:20","date_gmt":"2026-05-16T15:26:20","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2021-47981-quick-cms-6-7-cross-site-scripting-via-csrf-to-sliders-form\/"},"modified":"2026-05-16T18:56:20","modified_gmt":"2026-05-16T15:26:20","slug":"cve-2021-47981-quick-cms-6-7-cross-site-scripting-via-csrf-to-sliders-form","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2021-47981-quick-cms-6-7-cross-site-scripting-via-csrf-to-sliders-form\/","title":{"rendered":"CVE-2021-47981 – Quick.CMS 6.7 Cross-Site Scripting via CSRF to Sliders Form"},"content":{"rendered":"

CVE ID :CVE-2021-47981<\/p>\n

Published : May 16, 2026, 3:26 p.m. | 31\u00a0minutes ago<\/p>\n

Description :Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can craft CSRF forms targeting the admin.php?p=sliders-form endpoint to execute arbitrary JavaScript in victim browsers when the form is submitted.<\/p>\n

Severity: 5.4 | MEDIUM<\/p>\n

Visit the link for more details, such as CVSS details, affected products, timeline, and more…\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

CVE ID :CVE-2021-47981 Published : May 16, 2026, 3:26 p.m. | 31\u00a0minutes ago Description :Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can craft CSRF forms targeting the admin.php?p=sliders-form endpoint to execute arbitrary JavaScript in …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-78538","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/78538","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=78538"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/78538\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=78538"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=78538"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=78538"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}