Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.13 views

CVE-2021-24622

The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00622EPSS
Exploits2References1
NVD
NVD
added 2021/10/18 2:15 p.m.17 views

CVE-2021-24622

The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.00622EPSS
Exploits2References1
CVE
CVE
added 2021/10/18 1:45 p.m.57 views

CVE-2021-24622

The vulnerability CVE-2021-24622 affects the WordPress WP Ticket plugin prior to 5.10.4. The issue is that the plugin does not sanitize or escape form fields before outputting them in the List, enabling stored Cross-Site Scripting by high-privilege users even when unfiltered_html is disallowed. I...

4.8CVSS4.8AI score0.00622EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/10/18 1:45 p.m.29 views

CVE-2021-24622 WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting

The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5.1AI score0.00622EPSS
Exploits2References1
Rows per page
Query Builder