Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:23 p.m.10 views

CVE-2021-24129

Unvalidated input and lack of output encoding in the Themify Portfolio Post WordPress plugin, versions before 1.1.6, lead to Stored Cross-Site Scripting XSS vulnerabilities allowing low-privileged users Contributor+ to inject arbitrary JavaScript code or HTML in posts where the Themify Custom Pan...

5.4CVSS5.8AI score0.00658EPSS
Exploits2References1
Circl
Circl
added 2021/03/18 5:32 p.m.4 views

CVE-2021-24129

creationtimestamp| type| source ---|---|--- 2021-03-18 17:32:19+00:00| seen| https://t.me/cibsecurity/25101...

5.4CVSS5.5AI score0.00658EPSS
Exploits2References1
CVE
CVE
added 2021/03/18 2:57 p.m.54 views

CVE-2021-24129

The CVE-2021-24129 entry concerns the WordPress Themify Portfolio Post plugin. Affected: versions before 1.1.6. Root cause: unvalidated input and lack of output encoding in the plugin, enabling Stored Cross-Site Scripting (XSS). Impact: low-privilege users (Contributor+) can inject JavaScript/HTM...

5.4CVSS5.4AI score0.00658EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/03/18 2:57 p.m.28 views

CVE-2021-24129 Themify Portfolio Post < 1.1.6 - Authenticated Stored Cross-Site Scripting

Unvalidated input and lack of output encoding in the Themify Portfolio Post WordPress plugin, versions before 1.1.6, lead to Stored Cross-Site Scripting XSS vulnerabilities allowing low-privileged users Contributor+ to inject arbitrary JavaScript code or HTML in posts where the Themify Custom Pan...

5.6AI score0.00658EPSS
Exploits2References1
Rows per page
Query Builder