Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.9 views

CVE-2021-24901

The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.05063EPSS
Exploits5References1
NVD
NVD
added 2022/02/28 9:15 a.m.26 views

CVE-2021-24901

The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.05063EPSS
Exploits5References1
CVE
CVE
added 2022/02/28 9:6 a.m.105 views

CVE-2021-24901

The CVE-2021-24901 affects the WordPress Security Audit plugin (versions ≤ 1.0.0). Root cause: the Data Id setting is not sanitized/escaped, enabling stored XSS. Impact: stored client-side code execution; attack could occur even if unfiltered_html is disallowed. Public exploit details exist (payl...

4.8CVSS4.6AI score0.05063EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2022/02/28 9:6 a.m.25 views

CVE-2021-24901 Security Audit <= 1.0.0 - Admin+ Stored Cross Site Scripting

The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.05063EPSS
Exploits5References1
0day.today
0day.today
added 2022/02/08 12:0 a.m.214 views

WordPress Security Audit 1.0.0 Plugin - Stored Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Tested on Windows CVE...

4.8CVSS5.2AI score0.05063EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/02/08 12:0 a.m.238 views

WordPress Security Audit 1.0.0 Cross Site Scripting

Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Date: 2022-01-26 Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Test...

5.2AI score0.05063EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.339 views

WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Date: 2022-01-26 Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Test...

4.8CVSS5.5AI score0.05063EPSS
Exploits5
Rows per page
Query Builder