Lucene search
K

4 matches found

NVD
NVD
added 2021/12/13 11:15 a.m.15 views

CVE-2021-24771

The Inspirational Quote Rotator WordPress plugin through 1.0.0 does not sanitize and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the "Quotes list" even when the unfilteredhtml capability is disallo...

4.8CVSS0.00598EPSS
Exploits2References1
CVE
CVE
added 2021/12/13 10:40 a.m.41 views

CVE-2021-24771

The CVE-2021-24771 entry corresponds to the WordPress Inspirational Quote Rotator plugin (versions up to 1.0.0) with a stored XSS vulnerability. Multiple connected sources confirm that admin users can inject malicious content into quote fields, which is then output in the Quotes list due to insuf...

4.8CVSS4.8AI score0.00598EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/12/13 12:0 a.m.2 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. nspirational Quote Rotator plugin is a WordPress open source application plugin. WordPress Inspirational Quote...

4.8CVSS5.6AI score0.00598EPSS
Exploits2References2
wpexploit
wpexploit
added 2021/11/15 12:0 a.m.142 views

Inspirational Quote Rotator <= 1.0.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the "Quotes list" even when the unfilteredhtml capability is disallowed Add/edit a quote...

4.8CVSS5.2AI score0.00598EPSS
Exploits2
Rows per page
Query Builder