Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24764
HistoryFeb 01, 2022 - 12:21 p.m.

CVE-2021-24764 Perfect Survey < 1.5.2 - Reflected Cross-Site Scripting

2022-02-0112:21:24
WPScan
www.cve.org

EPSS

0.001

Percentile

40.2%

The Perfect Survey WordPress plugin before 1.5.2 does not sanitise and escape multiple parameters (id and filters[session_id] of single_statistics page, type and message of importexport page) before outputting them back in pages/attributes in the admin dashboard, leading to Reflected Cross-Site Scripting issues

EPSS

0.001

Percentile

40.2%

Related for CVELIST:CVE-2021-24764