Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-102785
HistoryDec 26, 2021 - 12:00 a.m.

WordPress SportsPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-102785)

2021-12-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5

0.001 Low

EPSS

Percentile

40.2%

WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress SportsPress plugin has a cross-site scripting vulnerability in versions prior to 2.7.9, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client side.

CPENameOperatorVersion
wordpress wordpresslt2.7.9

0.001 Low

EPSS

Percentile

40.2%