Lucene search
K

4 matches found

Circl
Circl
added 2022/01/24 12:17 p.m.8 views

CVE-2021-24694

creationtimestamp| type| source ---|---|--- 2022-01-24 12:17:10+00:00| seen| https://t.me/cibsecurity/36104...

5.4CVSS5.5AI score0.00611EPSS
Exploits2References1
NVD
NVD
added 2022/01/24 8:15 a.m.11 views

CVE-2021-24694

The Simple Download Monitor WordPress plugin before 3.9.11 could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attack via 1 "color" or "cssclass" argument of sdmdownload shortcode, 2 "class" or "placeholder" argument of sdmsearchform shortcode...

5.4CVSS0.00611EPSS
Exploits2References1
CVE
CVE
added 2022/01/24 8:0 a.m.57 views

CVE-2021-24694

CVE-2021-24694 affects the WordPress plugin Simple Download Monitor up to version 3.9.10. The vulnerability allows attackers with a role as low as Contributor to perform a Stored Cross-Site Scripting (XSS) via shortcodes: either the color/css_class parameters in sdm_download or the class/placehol...

5.4CVSS5.2AI score0.00611EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/01/24 8:0 a.m.15 views

CVE-2021-24694 Simple Download Monitor < 3.9.11 - Contributor+ Stored Cross-Site Scripting via Shortcodes

The Simple Download Monitor WordPress plugin before 3.9.11 could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attack via 1 "color" or "cssclass" argument of sdmdownload shortcode, 2 "class" or "placeholder" argument of sdmsearchform shortcode...

5.5AI score0.00611EPSS
Exploits2References1
Rows per page
Query Builder