Lucene search
China National Vulnerability DatabaseCNVD-2021-103648HistoryOct 24, 2021 - 12:00 a.m.
WordPress Podcast Subscribe Buttons plugin cross-site scripting vulnerability
2021-10-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
wordpress
podcast subscribe buttons
cross-site scripting
vulnerability
php
version 1.4.2
checksum filtering
user-supplied data
xss attack
EPSS
0.001
Percentile
24.8%
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress Podcast Subscribe Buttons plugin in versions prior to 1.4.2, which stems from a lack of checksum filtering of user-supplied data and output data at the plugin’s edit or add posts. An attacker could exploit this vulnerability to inject JavaScript and execute a stored XSS attack.
Related
prion
prion
Cross site scripting
2021-10-18 14:15:00
nvd
nvd
CVE-2021-24743
2021-10-18 14:15:09
patchstack
patchstack
wpexploit
wpexploit
Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS
2021-09-15 00:00:00
wpvulndb
wpvulndb
Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS
2021-09-15 00:00:00
cvelist
cvelist
CVE-2021-24743 Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS
2021-10-18 13:46:09
cve
cve
CVE-2021-24743
2021-10-18 14:15:09