Lucene search
WPScanCVELIST:CVE-2021-24489HistoryOct 25, 2021 - 1:20 p.m.
CVE-2021-24489 Request a Quote < 2.3.9 - Admin+ Stored Cross-Site Scripting
2021-10-2513:20:38
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
24.8%
The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Request a Quote",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "2.3.9"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
cve
cve
CVE-2021-24489
2021-10-25 14:15:10
wpexploit
wpexploit
Request a Quote < 2.3.5 - Admin+ Stored Cross-Site Scripting
2021-09-21 00:00:00
ubuntucve
ubuntucve
CVE-2021-24489
2021-06-15 00:00:00
nvd
nvd
CVE-2021-24489
2021-10-25 14:15:10
wpvulndb
wpvulndb
Request a Quote < 2.3.5 - Admin+ Stored Cross-Site Scripting
2021-09-21 00:00:00
veracode
veracode
Privilege Escalation
2021-06-12 18:22:18
prion
prion
Cross site scripting
2021-10-25 14:15:00
archlinux
archlinux
[ASA-202106-34] intel-ucode: multiple issues
2021-06-15 00:00:00
cloudfoundry
cloudfoundry
USN-4985-1: Intel Microcode vulnerabilities | Cloud Foundry
2021-06-11 00:00:00
threatpost
threatpost
Intel Plugs 29 Holes in CPUs, Bluetooth, Security
2021-06-09 16:17:39