Lucene search
K

50 matches found

OSV
OSV
added 2021/05/06 1:15 p.m.3 views

CVE-2021-24246

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscoutsendmessagechat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues...

5.4CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2021/05/06 1:15 p.m.18 views

CVE-2021-24246

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscoutsendmessagechat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues...

5.4CVSS0.00659EPSS
Exploits2References2
Prion
Prion
added 2021/05/06 1:15 p.m.14 views

Cross site scripting

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscoutsendmessagechat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues...

3.5CVSS5.3AI score0.00659EPSS
Exploits2References2Affected Software2
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Workscout Core Plugin versions prior to...

5.4CVSS5.5AI score0.00659EPSS
Exploits2References2
CVE
CVE
added 2021/05/05 6:39 p.m.45 views

CVE-2021-24246

The CVE-2021-24246 entry concerns the Workscout Core WordPress plugin (before 1.3.4) used with the WorkScout Theme. The issue arises because chat messages sent via the workscout_send_message_chat AJAX action were not properly sanitised, leading to Stored Cross-Site Scripting (Stored XSS) and Cros...

5.4CVSS5.3AI score0.00659EPSS
Exploits2References2Affected Software2
Cvelist
Cvelist
added 2021/05/05 6:39 p.m.22 views

CVE-2021-24246 WorkScout Core < 1.3.4 - Authenticated Stored XSS & XFS

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscoutsendmessagechat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues...

5.5AI score0.00659EPSS
Exploits2References2
wpexploit
wpexploit
added 2021/04/08 12:0 a.m.129 views

WorkScout Core < 1.3.4 - Authenticated Stored XSS & XFS

The plugin, used by the WorkScout Theme did not sanitise the chat messages sent via the workscoutsendmessagechat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues Payloads: " " POST /wp-admin/admin-ajax.php HTTP/1.1 Content-Type: application/x-www-form-urlencode...

3.5CVSS0.4AI score0.00659EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2021/04/08 12:0 a.m.43 views

WorkScout Core < 1.3.4 - Authenticated Stored XSS & XFS

The plugin, used by the WorkScout Theme did not sanitise the chat messages sent via the workscoutsendmessagechat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues PoC Payloads: " POST /wp-admin/admin-ajax.php HTTP/1.1 Content-Type:...

3.5CVSS1.5AI score0.00659EPSS
Exploits2References1Affected Software2
Patchstack
Patchstack
added 2021/03/29 12:0 a.m.13 views

WordPress WorkScout premium theme <= 2.0.31 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered by m0ze Patchstack Red Team in WordPress WorkScout premium theme versions = 2.0.31. Solution Update the WordPress WorkScout premium theme to the latest available version at least 2.0.32...

2AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2021/03/29 12:0 a.m.20 views

WordPress WorkScout premium theme <= 2.0.31 - Cross-Frame Scripting (XFS) vulnerability

Cross-Frame Scripting XFS vulnerability discovered by m0ze Patchstack Red Team in WordPress WorkScout premium theme versions = 2.0.31. Solution Update the WordPress WorkScout premium theme to the latest available version at least 2.0.32...

2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder