Lucene search
China National Vulnerability DatabaseCNVD-2022-19807HistoryMar 02, 2022 - 12:00 a.m.
WordPress Dynamic Widgets plugin cross-site scripting vulnerability
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.001 Low
EPSS
Percentile
25.0%
WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress Dynamic Widgets plugin prior to 1.5.16, which stems from the fact that the plugin does not translate prefix parameters before they are exported back to properties. Any authenticated attacker could use this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress dynamic widgets plugin | lt | 1.5.16 |
Related
wpexploit
wpexploit
Dynamic Widgets <= 1.5.16 - Reflected Cross-Site Scripting
2021-12-28 00:00:00
cvelist
cvelist
CVE-2021-24933 Dynamic Widgets <= 1.5.16 - Reflected Cross-Site Scripting
2022-02-28 09:06:23
prion
prion
Cross site scripting
2022-02-28 09:15:00
nvd
nvd
CVE-2021-24933
2022-02-28 09:15:08
cve
cve
CVE-2021-24933
2022-02-28 09:15:08
wpvulndb
wpvulndb
Dynamic Widgets <= 1.5.16 - Reflected Cross-Site Scripting
2021-12-28 00:00:00
patchstack
patchstack