Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.9 views

CVE-2021-24424

The WP Reset – Most Advanced WordPress Reset Tool WordPress plugin before 1.90 did not sanitise or escape its extradata parameter when creating a snapshot via the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...

5.4CVSS5.8AI score0.00629EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2021/07/20 12:0 a.m.15 views

WordPress WP Reset plugin < 1.90 XSS Vulnerability

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

5.4CVSS7AI score0.00629EPSS
Exploits2References3
NVD
NVD
added 2021/07/12 8:15 p.m.23 views

CVE-2021-24424

The WP Reset – Most Advanced WordPress Reset Tool WordPress plugin before 1.90 did not sanitise or escape its extradata parameter when creating a snapshot via the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...

5.4CVSS0.00629EPSS
Exploits2References2
CVE
CVE
added 2021/07/12 7:20 p.m.74 views

CVE-2021-24424

The CVE describes an authenticated Stored XSS in the WP Reset plugin for WordPress (versions before 1.90). The root cause is failure to sanitize/escape the extra_data parameter when creating a snapshot via the admin dashboard, enabling injected HTML/JS payloads. The vulnerability affects WP Reset

5.4CVSS5.2AI score0.00629EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder