Lucene search
China National Vulnerability DatabaseCNVD-2021-70741HistorySep 04, 2021 - 12:00 a.m.
WordPress Easy Social Icons Cross-Site Scripting Vulnerability
2021-09-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.003 Low
EPSS
Percentile
65.9%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Easy Social Icons plugin is a WordPress open source application plugin. WordPress Easy Social Icons plugin in version 3.0.8 and earlier has a cross-site scripting vulnerability that originates in main file file $_SERVER[‘PHP_SELF’] lack of user input data validation and filtering of the data at the input, an attacker can use the vulnerability to lure users to click on a request containing malicious leads to the client-side code to steal the user cookie credentials.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wordpress easy social icons plugin | le | 3.0.8 |
Related
patchstack
patchstack
prion
prion
Cross site scripting
2021-09-02 17:15:00
nuclei
nuclei
WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting
2022-02-04 19:21:50
cvelist
cvelist
CVE-2021-39322 Easy Social Icons <= 3.0.8 - Reflected Cross-Site Scripting
2021-09-01 00:00:00
nvd
nvd
CVE-2021-39322
2021-09-02 17:15:09
cve
cve
CVE-2021-39322
2021-09-02 17:15:09
wpvulndb
wpvulndb
Easy Social Icons < 3.0.9 - Reflected Cross-Site Scripting
2021-08-30 00:00:00
wordfence
wordfence
PHP_SELFish Part 2 – Reflected XSS in Easy Social Icons
2021-09-29 14:34:44
wpexploit
wpexploit
Easy Social Icons < 3.0.9 - Reflected Cross-Site Scripting
2021-08-30 00:00:00