Lucene search
WPScanCVELIST:CVE-2021-24301HistoryMay 24, 2021 - 10:58 a.m.
CVE-2021-24301 Hotjar Connecticator <= 1.1.1 - Authenticated Stored Cross-Site Scripting (XSS)
2021-05-2410:58:04
CWE-79
WPScan
raw.githubusercontent.com
1
The Hotjar Connecticator WordPress plugin through 1.1.1 is vulnerable to Stored Cross-Site Scripting (XSS) in the βhotjar scriptβ textarea. The request did include a CSRF nonce that was properly verified by the server and this vulnerability could only be exploited by administrator users.
Related
prion
prion
Cross site scripting
2021-05-24 11:15:00
wpvulndb
wpvulndb
cve
cve
CVE-2021-24301
2021-05-24 11:15:00
wpexploit
wpexploit