Lucene search
China National Vulnerability DatabaseCNVD-2022-68915HistoryAug 05, 2021 - 12:00 a.m.
WordPress The Any Hostname plugin cross-site scripting vulnerability
2021-08-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
24.9%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. the Any Hostname plugin is a WordPress application plugin. the WordPress The Any Hostname plugin 1.0.6 and earlier versions have a cross-site scripting vulnerability that stems from the plugin’s failure to clean up or evade its “Allowed hosts” setting. An attacker could exploit this vulnerability to cause a stored XSS issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wordpress the any hostname | le | 1.0.6 |
Related
cve
cve
CVE-2021-24481
2021-08-02 11:15:10
cvelist
cvelist
wpvulndb
wpvulndb
Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-28 00:00:00
prion
prion
Cross site scripting
2021-08-02 11:15:00
nvd
nvd
CVE-2021-24481
2021-08-02 11:15:10
wpexploit
wpexploit
Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-28 00:00:00