Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.6 views

CVE-2021-24785

The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS6AI score0.00598EPSS
Exploits2References1
NVD
NVD
added 2021/10/25 2:15 p.m.12 views

CVE-2021-24785

The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS0.00598EPSS
Exploits2References1
OSV
OSV
added 2021/10/25 2:15 p.m.2 views

CVE-2021-24785

The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS5.8AI score0.00598EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/10/25 1:20 p.m.15 views

CVE-2021-24785 Great Quotes <= 1.0.0 - Admin+ Stored Cross-Site Scripting

The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

5.8AI score0.00598EPSS
Exploits2References1
CVE
CVE
added 2021/10/25 1:20 p.m.46 views

CVE-2021-24785

CVE-2021-24785 affects the WordPress plugin Great Quotes (versions ≤ 1.0.0). The vulnerability is a stored Cross-Site Scripting (XSS) in the Quote and Author fields, arising from failure to sanitize/escape input. Public references describe that high-privilege users could perform XSS even with unf...

4.8CVSS5.1AI score0.00598EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/10/25 12:0 a.m.5 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin The Great Quotes 1.0.0 and...

4.8CVSS4.9AI score0.00598EPSS
Exploits2References2
wpexploit
wpexploit
added 2021/09/27 12:0 a.m.489 views

Great Quotes <= 1.0.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed. Add/edit a Quote and put the following payload in the "Quote" and "Author" fields:...

4.8CVSS0.9AI score0.00598EPSS
Exploits2
Patchstack
Patchstack
added 2021/09/27 12:0 a.m.14 views

WordPress Great Quotes plugin <= 1.0.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Vishal Mohan in WordPress Great Quotes plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of September 24, 2021 and is not available for download. This closure is temporary, pending a full review...

2.6AI score0.00598EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder