Lucene search
China National Vulnerability DatabaseCNVD-2021-61431HistoryAug 11, 2021 - 12:00 a.m.
WordPress Cross-Site Scripting Vulnerability (CNVD-2021-61431)
2021-08-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
24.9%
WordPress is the WordPress (Wordpress) Foundation’s set of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in the Page View Count plugin for WordPress prior to 2.4.9, which fails to escape the postid parameter of the pvc_stats shortcode, allowing users down to the Contributor role to perform stored XSS attack. No details of the vulnerability are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wordpress | lt | 2.4.9 |
Related
cvelist
cvelist
CVE-2021-24509 Page View Counts < 2.4.9 - Contributor+ Stored XSS
2021-08-09 10:04:13
wpvulndb
wpvulndb
Page View Counts < 2.4.9 - Contributor+ Stored XSS
2021-07-12 00:00:00
cve
cve
CVE-2021-24509
2021-08-09 10:15:07
wpexploit
wpexploit
Page View Counts < 2.4.9 - Contributor+ Stored XSS
2021-07-12 00:00:00
patchstack
patchstack
prion
prion
Cross site scripting
2021-08-09 10:15:00
nvd
nvd
CVE-2021-24509
2021-08-09 10:15:07