Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2021-24410
HistoryAug 16, 2021 - 10:48 a.m.

CVE-2021-24410 Telugu Bible Verse Daily <= 1.0 - CSRF to Stored XSS

2021-08-1610:48:19
CWE-352
CWE-79
WPScan
www.cve.org
1

0.001 Low

EPSS

Percentile

28.1%

JSON

The తెలుగు బైబిల్ వచనములు WordPress plugin through 1.0 is lacking any CSRF check when saving its settings and verses, and do not sanitise or escape them when outputting them back in the page. This could allow attackers to make a logged in admin change the settings, as well as add malicious verses containing JavaScript code in them, leading to Stored XSS issues

CNA Affected

[
  {
    "product": "తెలుగు బైబిల్ వచనములు",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThanOrEqual": "1.0",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  }
]

Related

nvd 1
cve 1
prion 1
wpvulndb 1
wpexploit 1
nvd
nvd
CVE-2021-24410
2021-08-16 11:15:08
cve
cve
CVE-2021-24410
2021-08-16 11:15:08
prion
prion
Cross site request forgery (csrf)
2021-08-16 11:15:00
wpvulndb
wpvulndb
Telugu Bible Verse Daily <= 1.0 - CSRF to Stored XSS
2021-07-19 00:00:00
wpexploit
wpexploit
Telugu Bible Verse Daily <= 1.0 - CSRF to Stored XSS
2021-07-19 00:00:00

0.001 Low

EPSS

Percentile

28.1%

JSON
Related for CVELIST:CVE-2021-24410
nvd1cve1prion1wpvulndb1wpexploit1