Lucene search
China National Vulnerability DatabaseCNVD-2022-69146HistoryJun 03, 2021 - 12:00 a.m.
WordPress WP Prayer plugin cross-site scripting vulnerability
2021-06-0300:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
wordpress
prayer plugin
cross-site scripting
vulnerability
php
user input
javascript
credential information
version 1.6.2
wordpress website
filtering
EPSS
0.001
Percentile
19.8%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WP Prayer WordPress is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of the WordPress WP Prayer plugin prior to 1.6.2, which stems from the fact that the WordPress plugin provides a feature to store requests and list them on the WordPress website while doing effective filtering of user input. An attacker could use this vulnerability to inject malicious JavaScript code to steal user credential information.
Related
wpvulndb
wpvulndb
WP Prayer < 1.6.2 - Authenticated Stored Cross-Site Scripting (XSS)
2021-05-17 00:00:00
zdt
zdt
patchstack
patchstack
packetstorm
packetstorm
WordPress WP Prayer 1.6.1 Cross Site Scripting
2021-06-01 00:00:00
cvelist
cvelist
wpexploit
wpexploit
WP Prayer < 1.6.2 - Authenticated Stored Cross-Site Scripting (XSS)
2021-05-17 00:00:00
prion
prion
Input validation
2021-06-01 14:15:00
cve
cve
CVE-2021-24313
2021-06-01 14:15:08
nvd
nvd
CVE-2021-24313
2021-06-01 14:15:08
exploitdb
exploitdb