Lucene search
K

4 matches found

Circl
Circl
added 2021/09/10 6:31 p.m.5 views

CVE-2021-38336

creationtimestamp| type| source ---|---|--- 2021-09-10 18:31:42+00:00| seen| https://t.me/cibsecurity/28683 2025-05-02 20:16:44+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14593...

6.1CVSS6.1AI score0.00866EPSS
Exploits1References2
NVD
NVD
added 2021/09/10 2:15 p.m.9 views

CVE-2021-38336

The Edit Comments XT WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /edit-comments-xt.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...

6.1CVSS0.00866EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2021/09/10 1:34 p.m.3 views

CVE-2021-38336 Edit Comments XT <= 1.0 Reflected Cross-Site Scripting

The Edit Comments XT WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /edit-comments-xt.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...

6.1CVSS6.1AI score0.00866EPSS
Exploits1References2
CVE
CVE
added 2021/09/10 1:34 p.m.42 views

CVE-2021-38336

CVE-2021-38336 affects the WordPress plugin Edit Comments XT (versions up to and including 1.0). The root cause is a reflected Cross-Site Scripting (XSS) vulnerability caused by a reflected $_SERVER["PHP_SELF"] value in the file ~/edit-comments-xt.php, enabling attackers to inject arbitrary web s...

6.1CVSS6AI score0.00866EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder