Lucene search
China National Vulnerability DatabaseCNVD-2021-102785HistoryDec 26, 2021 - 12:00 a.m.
WordPress SportsPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-102785)
2021-12-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
40.2%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress SportsPress plugin has a cross-site scripting vulnerability in versions prior to 2.7.9, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wordpress | lt | 2.7.9 |
Related
wpexploit
wpexploit
SportsPress < 2.7.9 - Reflected Cross-Site Scripting
2021-11-16 00:00:00
nvd
nvd
CVE-2021-24578
2021-12-21 09:15:06
prion
prion
Cross site scripting
2021-12-21 09:15:00
wpvulndb
wpvulndb
SportsPress < 2.7.9 - Reflected Cross-Site Scripting
2021-11-16 00:00:00
cvelist
cvelist
CVE-2021-24578 SportsPress < 2.7.9 - Reflected Cross-Site Scripting
2021-12-21 08:45:25
patchstack
patchstack
cve
cve
CVE-2021-24578
2021-12-21 09:15:06