Lucene search
China National Vulnerability DatabaseCNVD-2021-103639HistoryOct 24, 2021 - 12:00 a.m.
WordPress GamePress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-103639)
2021-10-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
31.7%
WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress GamePress plugin in version 1.1.0 and earlier has a cross-site scripting vulnerability, which stems from the lack of checksum filtering of the op_edit POST parameter on user-supplied data and output data. An attacker could use this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress gamepress plugin | le | 1.1.0 |
Related
wpexploit
wpexploit
GamePress <= 1.1.0 - Reflected Cross-Site Scripting
2021-09-20 00:00:00
cve
cve
CVE-2021-24617
2021-10-18 14:15:09
prion
prion
Cross site scripting
2021-10-18 14:15:00
cvelist
cvelist
CVE-2021-24617 GamePress <= 1.1.0 - Reflected Cross-Site Scripting
2021-10-18 13:45:49
patchstack
patchstack
wpvulndb
wpvulndb
GamePress <= 1.1.0 - Reflected Cross-Site Scripting
2021-09-20 00:00:00
nvd
nvd
CVE-2021-24617
2021-10-18 14:15:09