Lucene search
K

4 matches found

Circl
Circl
added 2021/11/29 10:33 p.m.7 views

CVE-2021-42364

creationtimestamp| type| source ---|---|--- 2021-11-29 22:33:44+00:00| seen| https://t.me/cibsecurity/33065...

8.8CVSS8.1AI score0.00605EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/29 6:10 p.m.17 views

CVE-2021-42364 Stetic <= 1.0.6 Cross-Site Request Forgery to Stored Cross-Site Scripting

The Stetic WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the statspage function found in the /stetic.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.0.6...

8.8CVSS8.8AI score0.00605EPSS
Exploits0References2
CVE
CVE
added 2021/11/29 6:10 p.m.37 views

CVE-2021-42364

The CVE-2021-42364 entry maps to the WordPress Stetic plugin vulnerability, where Cross-Site Request Forgery arises from missing nonce validation in the stats_page function of stetic.php. Affected versions are up to 1.0.6, enabling attackers to inject arbitrary web scripts (Stored XSS). Several c...

8.8CVSS8.7AI score0.00605EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/11/29 6:10 p.m.5 views

CVE-2021-42364 Stetic <= 1.0.6 Cross-Site Request Forgery to Stored Cross-Site Scripting

The Stetic WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the statspage function found in the /stetic.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.0.6...

8.8CVSS8.6AI score0.00605EPSS
Exploits0References2
Rows per page
Query Builder