Lucene search
WPScanCVELIST:CVE-2021-24476HistoryAug 02, 2021 - 10:32 a.m.
CVE-2021-24476 Steam Group Viewer <= 2.1 - Authenticated Stored Cross-Site Scripting (XSS)
2021-08-0210:32:16
CWE-79
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
24.8%
The Steam Group Viewer WordPress plugin through 2.1 does not sanitise or escape its “Steam Group Address” settings before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting issue
CNA Affected
[
{
"product": "Steam Group Viewer",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "2.1",
"status": "affected",
"version": "2.1",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2021-08-02 11:15:00
wpexploit
wpexploit
Steam Group Viewer <= 2.1 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-28 00:00:00
wpvulndb
wpvulndb
Steam Group Viewer <= 2.1 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-28 00:00:00
nvd
nvd
CVE-2021-24476
2021-08-02 11:15:10
cve
cve
CVE-2021-24476
2021-08-02 11:15:10
cnvd
cnvd
WordPress Steam Group Viewer plugin cross-site scripting vulnerability
2021-08-05 00:00:00