Lucene search
听雨眠PATCHSTACK:4FAEE82100D0C8DDC0E60500E3948358HistorySep 20, 2021 - 12:00 a.m.
WordPress Wechat Reward plugin <= 1.7 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS)
2021-09-2000:00:00
听雨眠
patchstack.com
3
0.001 Low
EPSS
Percentile
21.8%
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) discovered by 听雨眠 in WordPress Wechat Reward plugin (versions <= 1.7).
Solution
Deactivate and delete. This plugin has been closed as of August 10, 2021 and is not available for download. Reason: Security Issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wechat reward | le | 1.7 |
Related
prion
prion
Cross site scripting
2021-10-18 14:15:00
wpexploit
wpexploit
Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting
2021-09-20 00:00:00
wpvulndb
wpvulndb
Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting
2021-09-20 00:00:00
cve
cve
CVE-2021-24615
2021-10-18 14:15:09
cnvd
cnvd
WordPress Wechat Reward plugin cross-site request forgery vulnerability
2021-10-24 00:00:00
cvelist
cvelist
CVE-2021-24615 Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting
2021-10-18 13:45:47
nvd
nvd
CVE-2021-24615
2021-10-18 14:15:09