Lucene search
PRIOn knowledge basePRION:CVE-2021-24935HistoryDec 06, 2021 - 4:15 p.m.
Cross site scripting
2021-12-0616:15:00
PRIOn knowledge base
www.prio-n.com
1
0.001 Low
EPSS
Percentile
30.0%
The WP Google Fonts WordPress plugin before 3.1.5 does not escape the googlefont_ajax_name and googlefont_ajax_family parameter of the googlefont_action AJAx action (available to any authenticated user) before outputing them in attributes, leading Reflected Cross-Site Scripting issues
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp_google_fonts | lt | 3.1.5 |
Related
cvelist
cvelist
CVE-2021-24935 WP Google Fonts < 3.1.5 - Reflected Cross-Site Scripting
2021-12-06 15:55:35
wpvulndb
wpvulndb
WP Google Fonts < 3.1.5 - Reflected Cross-Site Scripting
2021-11-03 00:00:00
wpexploit
wpexploit
WP Google Fonts < 3.1.5 - Reflected Cross-Site Scripting
2021-11-03 00:00:00
nvd
nvd
CVE-2021-24935
2021-12-06 16:15:08
cve
cve
CVE-2021-24935
2021-12-06 16:15:08
cnvd
cnvd
WordPress WP Google Fonts plugin cross-site scripting vulnerability
2021-12-09 00:00:00