Lucene search
China National Vulnerability DatabaseCNVD-2021-99639HistoryNov 10, 2021 - 12:00 a.m.
WordPress WPSchoolPress plugin cross-site scripting vulnerability
2021-11-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
wordpress
wpschoolpress
cross-site scripting
vulnerability
php
xss
sanitization
EPSS
0.001
Percentile
41.5%
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress WPSchoolPress plugin prior to version 2.1.17, which stems from the use of sanitize_text_field () by The School Management System plugin. () that lacks sanitization filters for user-supplied and output data. An attacker could exploit this vulnerability to inject JavaScript and execute a stored XSS attack.
Related
zdt
zdt
patchstack
patchstack
cvelist
cvelist
exploitdb
exploitdb
packetstorm
packetstorm
WordPress WPSchoolPress 2.1.16 Cross Site Scripting
2021-11-15 00:00:00
prion
prion
Cross site scripting
2021-11-08 18:15:00
nvd
nvd
CVE-2021-24664
2021-11-08 18:15:08
cve
cve
CVE-2021-24664
2021-11-08 18:15:08