Lucene search
K

CVE-2021-24967

🗓️ 27 Dec 2021 10:33:21Reported by WPScanType 
cve
 cve
🔗 web.nvd.nist.gov👁 51 Views🌐 WEB

The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 allows XSS attack

Related
Detection
Affected
Refs
Paths
NVD
Vulners
[
  {
    "product": "Contact Form & Lead Form Elementor Builder",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.6.4",
        "status": "affected",
        "version": "1.6.4",
        "versionType": "custom"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
name_1request body/wp-admin/admin-ajax.phpUnauthenticated XSS via unsanitised lead values in admin-ajax handling leading to script execution in admin viewCWE-79
email_2request body/wp-admin/admin-ajax.phpUnauthenticated XSS via unsanitised lead values in admin-ajax handling leading to script execution in admin viewCWE-79
number_3request body/wp-admin/admin-ajax.phpUnauthenticated XSS via unsanitised lead values in admin-ajax handling leading to script execution in admin viewCWE-79
message_4request body/wp-admin/admin-ajax.phpUnauthenticated XSS via unsanitised lead values in admin-ajax handling leading to script execution in admin viewCWE-79
hidden_fieldrequest body/wp-admin/admin-ajax.phpUnauthenticated XSS via unsanitised lead values in admin-ajax handling leading to script execution in admin viewCWE-79
actionrequest body/wp-admin/admin-ajax.phpUnauthenticated XSS via unsanitised lead values in admin-ajax handling leading to script execution in admin viewCWE-79

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 03:41Current
6Medium risk
Vulners AI Score6
CVSS 24.3
CVSS 3.16.1
EPSS0.01167
51