Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.6 views

CVE-2021-24516

The PlanSo Forms WordPress plugin through 2.6.3 does not escape the title of its Form before outputting it in attributes, allowing high privilege users such as admin to set XSS payload in it, even when the unfilteredhtml is disallowed, leading to an Authenticated Stored Cross-Site Scripting issue...

4.8CVSS5.2AI score0.00618EPSS
Exploits2References1
Metasploit
Metasploit
added 2021/11/02 5:43 p.m.429 views

WordPress Plugin Pie Register Auth Bypass to RCE

This module uses an authentication bypass vulnerability in Wordpress Plugin Pie Register use exploit/unix/webapp/wppieregisterbypassrce msf exploitwppieregisterbypassrce show targets ...targets... msf exploitwppieregisterbypassrce set TARGET msf exploitwppieregisterbypassrce show options ...show...

10CVSS7.3AI score0.09903EPSS
Exploits7
Circl
Circl
added 2021/10/18 6:32 p.m.6 views

CVE-2021-24516

creationtimestamp| type| source ---|---|--- 2021-10-18 18:32:18+00:00| seen| https://t.me/cibsecurity/30713...

4.8CVSS4.9AI score0.00618EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/10/18 1:45 p.m.18 views

CVE-2021-24516 PlanSo Forms <= 2.6.3 - Authenticated Stored Cross-Site Scripting

The PlanSo Forms WordPress plugin through 2.6.3 does not escape the title of its Form before outputting it in attributes, allowing high privilege users such as admin to set XSS payload in it, even when the unfilteredhtml is disallowed, leading to an Authenticated Stored Cross-Site Scripting issue...

4.9AI score0.00618EPSS
Exploits2References1
CVE
CVE
added 2021/10/18 1:45 p.m.46 views

CVE-2021-24516

CVE-2021-24516 affects PlanSo Forms for WordPress (

4.8CVSS4.8AI score0.00618EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder