Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-24128
HistoryMar 18, 2021 - 3:15 p.m.

Cross site scripting

2021-03-1815:15:00
PRIOn knowledge base
www.prio-n.com
4

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.8%

Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attacker (contributor+) to inject arbitrary web script or HTML via the ‘Description/biography’ of a member.

CPENameOperatorVersion
team_memberslt5.0.4

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.8%

Related for PRION:CVE-2021-24128