History: Dec 13, 2021 - 10:41 a.m.

CVE-2021-24922 Pixel Cat Lite < 2.6.2 - CSRF to Stored Cross-Site Scripting

2021-12-13 10:41:19
CWE-352
WPScan
www.cve.org
pixel cat lite
wordpress plugin
csrf
stored xss
vulnerability

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

32.0%

The Pixel Cat WordPress plugin before 2.6.2 does not have a CSRF check when saving its settings, and does not sanitise and escape some of them, which could allow an attacker to make a logged-in admin change them and perform Cross-Site Scripting attacks.

CNA Affected

[
  {
    "product": "Pixel Cat – Conversion Pixel Manager",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.6.2",
        "status": "affected",
        "version": "2.6.2",
        "versionType": "custom"
      }
    ]
  }
]
