Lucene search
China National Vulnerability DatabaseCNVD-2022-68909HistoryAug 05, 2021 - 12:00 a.m.
WordPress Steam Group Viewer plugin cross-site scripting vulnerability
2021-08-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
24.9%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The Steam Group Viewer plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Steam Group Viewer plugin version 2.1 and earlier, which results from the plugin failing to clean or escape its “Steam Group Address” setting before outputting it on a page. The vulnerability is caused by the plugin’s failure to clean or escape its “Steam Group Address” setting before output on a page. An attacker could exploit this vulnerability to cause a cross-site scripting issue to be stored.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wordpress steam group viewer | le | 2.1 |
Related
cvelist
cvelist
wpvulndb
wpvulndb
Steam Group Viewer <= 2.1 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-28 00:00:00
cve
cve
CVE-2021-24476
2021-08-02 11:15:10
nvd
nvd
CVE-2021-24476
2021-08-02 11:15:10
prion
prion
Cross site scripting
2021-08-02 11:15:00
wpexploit
wpexploit
Steam Group Viewer <= 2.1 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-28 00:00:00