Lucene search
PRIOn knowledge basePRION:CVE-2021-24615HistoryOct 18, 2021 - 2:15 p.m.
Cross site scripting
2021-10-1814:15:00
PRIOn knowledge base
www.prio-n.com
1
0.001 Low
EPSS
Percentile
21.8%
The Wechat Reward WordPress plugin through 1.7 does not sanitise or escape its QR settings, nor has any CSRF check in place, allowing attackers to make a logged in admin change the settings and perform Cross-Site Scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wechat_reward | le | 1.7 |
Related
wpvulndb
wpvulndb
Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting
2021-09-20 00:00:00
cve
cve
CVE-2021-24615
2021-10-18 14:15:09
patchstack
patchstack
cnvd
cnvd
WordPress Wechat Reward plugin cross-site request forgery vulnerability
2021-10-24 00:00:00
cvelist
cvelist
CVE-2021-24615 Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting
2021-10-18 13:45:47
nvd
nvd
CVE-2021-24615
2021-10-18 14:15:09
wpexploit
wpexploit
Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting
2021-09-20 00:00:00