Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24665
HistoryAug 30, 2021 - 2:11 p.m.

CVE-2021-24665 WP Video Lightbox < 1.9.3 - Contributor+ Stored Cross-Site Scripting

2021-08-3014:11:26
CWE-79
WPScan
www.cve.org

0.001 Low

EPSS

Percentile

19.4%

The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks

CNA Affected

[
  {
    "product": "WP Video Lightbox",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.9.3",
        "status": "affected",
        "version": "1.9.3",
        "versionType": "custom"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

19.4%

Related for CVELIST:CVE-2021-24665