Lucene search
China National Vulnerability DatabaseCNVD-2022-69137HistoryJul 07, 2021 - 12:00 a.m.
WordPress WP Offload SES Lite plugin cross-site scripting vulnerability
2021-07-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
24.8%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress WP Offload SES Lite plugin prior to 1.4.5, which stems from the plugin’s failure to escape certain fields in the “activity” page of the admin dashboard such as the email id, subject and recipient. An attacker could exploit this vulnerability to cause a stored cross-site scripting issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wp offload ses lite plugin | lt | 1.4.5 |
Related
wpvulndb
wpvulndb
WP Offload SES Lite < 1.4.5 - Stored Cross-Site Scripting (XSS)
2021-06-29 00:00:00
wpexploit
wpexploit
WP Offload SES Lite < 1.4.5 - Stored Cross-Site Scripting (XSS)
2021-06-29 00:00:00
cve
cve
CVE-2021-24494
2021-07-06 11:15:09
prion
prion
Cross site scripting
2021-07-06 11:15:00
nvd
nvd
CVE-2021-24494
2021-07-06 11:15:09
patchstack
patchstack
cvelist
cvelist