Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Circl
Circladded 2021/10/22 12:37 a.m.2 views

CVE-2021-39348

creationtimestamp| type| source ---|---|--- 2021-10-22 00:37:32+00:00| seen| https://t.me/cibsecurity/30995...

5.5CVSS4.8AI score0.00653EPSS
Exploits1References1
NVD
NVDadded 2021/10/21 8:15 p.m.11 views

CVE-2021-39348

The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $customprofile parameter found in the /inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in version...

5.5CVSS0.00653EPSS
Exploits1References3
CVE
CVEadded 2021/10/21 7:38 p.m.48 views

CVE-2021-39348

The CVE-2021-39348 entry describes a stored XSS in the LearnPress WordPress plugin caused by insufficient escaping of the $custom_profile parameter in inc/admin/views/backend-user-profile.php. Affected are LearnPress versions up to 4.1.3.1, including multisite setups or admins with unfiltered_htm...

5.5CVSS4.7AI score0.00653EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder