Lucene search
Vlad Visse (Patchstack Red Team)PATCHSTACK:F96618BCBDCE2F74F343266FB084465BHistoryJul 18, 2021 - 12:00 a.m.
WordPress iQ Block Country plugin <= 1.2.11 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
2021-07-1800:00:00
Vlad Visse (Patchstack Red Team)
patchstack.com
6
0.001 Low
EPSS
Percentile
48.4%
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered by Vlad Visse (Patchstack Red Team) in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage.
Solution
Update the WordPress iQ Block Country plugin to the latest available version (at least 1.2.12).
| CPE | Name | Operator | Version |
|---|---|---|---|
| iq block country | le | 1.2.11 |
Related
cve
cve
CVE-2021-36873
2021-09-23 17:15:12
cvelist
cvelist
patchstack
patchstack
prion
prion
Cross site scripting
2021-09-23 17:15:00
wpvulndb
wpvulndb
iQ Block Country < 1.2.12 - Admin+ Stored Cross-Site Scripting
2021-07-17 00:00:00
nvd
nvd
CVE-2021-36873
2021-09-23 17:15:12
nuclei
nuclei
WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting
2022-09-23 09:23:00