Description Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. Remediation References CVE-2021-23337 Related Vulnerabilities WordPress Plugin Aviary Image Editor Add-on For Gravity Forms Arbitrary File Upload (3.0) WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.33) Liferay version older than 7.1 WordPress Plugin QR Redirector Cross-Site Scripting (1.6) Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0434) Severity High Classification CVE-2021-23337 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities