Lucene search
K

4 matches found

OSV
OSV
added 2022/03/07 9:15 a.m.2 views

CVE-2021-24821

The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator Price Settings which gets injected on the edit page as well as any page that embeds the calculator using th...

5.4CVSS6.1AI score0.00595EPSS
Exploits2References1
Prion
Prion
added 2022/03/07 9:15 a.m.22 views

Cross site scripting

The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator Price Settings which gets injected on the edit page as well as any page that embeds the calculator using th...

3.5CVSS5.3AI score0.00595EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/03/07 8:16 a.m.22 views

CVE-2021-24821 Cost Calculator < 1.6 - Contributor+ Stored Cross-Site Scripting

The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator Price Settings which gets injected on the edit page as well as any page that embeds the calculator using th...

5.5AI score0.00595EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2022/02/01 12:0 a.m.21 views

Cost Calculator < 1.6 - Contributor+ Stored Cross-Site Scripting

The plugin allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator Price Settings which gets injected on the edit page as well as any page that embeds the calculator using the shortcode, as well as the Text...

5.4CVSS1.4AI score0.00595EPSS
Exploits2Affected Software1
Rows per page
Query Builder