Lucene search
China National Vulnerability DatabaseCNVD-2021-103357HistoryDec 28, 2021 - 12:00 a.m.
WordPress Paid Memberships Pro plugin cross-site scripting vulnerability
2021-12-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
paid memberships pro
cross-site scripting
vulnerability
data validation
javascript code
EPSS
0.001
Percentile
45.2%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The Paid Memberships Pro plugin has a cross-site scripting vulnerability in versions prior to 2.6.6, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
Related
patchstack
patchstack
prion
prion
Cross site scripting
2021-12-27 11:15:00
openvas
openvas
WordPress Paid Memberships Pro Plugin < 2.6.6 XSS Vulnerability
2022-02-22 00:00:00
nuclei
nuclei
Paid Memberships Pro < 2.6.6 - Cross-Site Scripting
2023-10-17 07:20:28
cvelist
cvelist
CVE-2021-24979 Paid Memberships Pro < 2.6.6 - Reflected Cross-Site Scripting
2021-12-27 10:33:22
cve
cve
CVE-2021-24979
2021-12-27 11:15:09
nvd
nvd
CVE-2021-24979
2021-12-27 11:15:09
osv
osv
CVE-2021-24979
2021-12-27 11:15:09
wpvulndb
wpvulndb
Paid Memberships Pro < 2.6.6 - Reflected Cross-Site Scripting
2021-11-23 00:00:00
wpexploit
wpexploit
Paid Memberships Pro < 2.6.6 - Reflected Cross-Site Scripting
2021-11-23 00:00:00