Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

7 matches found

NVD
NVDβ€’added 2022/03/14 3:15 p.m.β€’9 views

CVE-2021-24996

The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting...

6.1CVSS0.0021EPSS
Exploits2References1
OSV
OSVβ€’added 2022/03/14 3:15 p.m.β€’2 views

CVE-2021-24996

The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.0021EPSS
Exploits2References1
Cvelist
Cvelistβ€’added 2022/03/14 2:41 p.m.β€’13 views

CVE-2021-24996 IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting

The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting...

6.3AI score0.0021EPSS
Exploits2References1
CVE
CVEβ€’added 2022/03/14 2:41 p.m.β€’87 views

CVE-2021-24996

The CVE-2021-24996 entry concerns the WordPress plugin IDPay for Contact Form 7 (≀ 2.1.2). The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of the idpay_error parameter when echoed back on the page, enabling an attacker-controlled payload to execu...

6.1CVSS6.1AI score0.0021EPSS
Exploits2References1Affected Software1
wpexploit
wpexploitβ€’added 2021/11/23 12:0 a.m.β€’58 views

IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting Append the following payload on a page where a form with an idPay payment interface is embed: &idpayerror=alert/XSS/ Example:...

6.1CVSS0.0021EPSS
Exploits2
WPVulnDB
WPVulnDBβ€’added 2021/11/23 12:0 a.m.β€’16 views

IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting PoC Append the following payload on a page where a form with an idPay payment interface is embed: error= Example:...

6.1CVSS0.5AI score0.0021EPSS
Exploits2Affected Software1
Patchstack
Patchstackβ€’added 2021/11/23 12:0 a.m.β€’20 views

WordPress IDPay for Contact Form 7 plugin <= 2.1.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Jeremie Amsellem in WordPress IDPay for Contact Form 7 plugin versions = 2.1.2. Solution Deactivate and delete. This plugin has been closed as of November 23, 2021 and is not available for download. Reason: Security Issue...

6.1CVSS3.1AI score0.0021EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder