Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-84598
HistoryOct 29, 2021 - 12:00 a.m.

WordPress Cross-Site Scripting Vulnerability (CNVD-2021-84598)

2021-10-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
6

0.001 Low

EPSS

Percentile

24.8%

WordPress is the WordPress (Wordpress) Foundationโ€™s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin Video Gallery -Vimeo and YouTube Gallery 1.1.4 and earlier versions have a cross-site scripting vulnerability, which stems from the pluginโ€™s lack of valid validation and escaping for the title and description attributes of the video gallery, resulting in storage cross-site scripting issue. No detailed vulnerability details are currently available.

0.001 Low

EPSS

Percentile

24.8%