3 matches found
CVE-2021-24941
creationtimestamp| type| source ---|---|--- 2021-12-21 12:23:40+00:00| seen| https://t.me/cibsecurity/34416...
CVE-2021-24941
CVE-2021-24941 concerns the WordPress Icegram plugin (before 2.0.5). The vulnerability is a reflected XSS in the get_message_action_row AJAX action: the plugin does not sanitize/escape the message_id parameter before echoing it back in an attribute. Affected component: Icegram plugin for WordPres...
CVE-2021-24941 Icegram < 2.0.5 - Reflected Cross-Site Scripting
The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.0.5 does not sanitise and escape the messageid parameter of the getmessageactionrow AJAX action before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue...