CVE-2021-28418

MEDIUM

Seo Panel 4.8.0 - XSS

Title source: llm

A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter.

exploitdb WORKING POC

by Piyush Patil · textwebappsphp

CVSS v3 4.8

EPSS 0.0021

EPSS Percentile 43.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79

Status published

Products (1)

seopanel/seo_panel 4.8.0

Published Mar 18, 2021

Tracked Since Feb 18, 2026