• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2021-24479

February 23, 2023 by

The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue

CVE-2021-24480

February 23, 2023 by

The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its “Use your own ” setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scripting issue

CVE-2021-24481

February 23, 2023 by

The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its “Allowed hosts” setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS payloads in it

CVE-2021-24482

February 23, 2023 by

The Related Posts for WordPress plugin through 2.0.4 does not sanitise its heading_text and CSS settings, allowing high privilege users (admin) to set XSS payloads in them, leading to Stored Cross-Site Scripting issues.

CVE-2021-24485

February 23, 2023 by

The Special Text Boxes WordPress plugin before 5.9.110 does not sanitise or escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.

CVE-2021-24486

February 23, 2023 by

The Simple Social Media Share Buttons – Social Sharing for Everyone WordPress plugin before 3.2.3 did not escape the align and like_button_size parameters of its SSB shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1600
  • Go to page 1601
  • Go to page 1602
  • Go to page 1603
  • Go to page 1604
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE