Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11723

Malware in sbrugna...

4.8CVSS5.2AI score0.00598EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.9 views

CVE-2021-24811

The Shop Page WP WordPress plugin before 1.2.8 does not sanitise and escape some of the Product fields, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00598EPSS
Exploits2References1
NVD
NVD
added 2021/11/29 9:15 a.m.22 views

CVE-2021-24811

The Shop Page WP WordPress plugin before 1.2.8 does not sanitise and escape some of the Product fields, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.00598EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/11/29 8:25 a.m.25 views

CVE-2021-24811 Shop Page WP < 1.2.8 - Admin+ Stored Cross-Site Scripting

The Shop Page WP WordPress plugin before 1.2.8 does not sanitise and escape some of the Product fields, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.00598EPSS
Exploits2References1
CVE
CVE
added 2021/11/29 8:25 a.m.41 views

CVE-2021-24811

The CVE-2021-24811 issue affects the WordPress Shop Page WP plugin prior to version 1.2.8. The root cause is improper sanitisation/escaping of some Product fields, allowing stored XSS by high-privilege users even when unfiltered_html is disallowed. Exploitation details in connected records indica...

4.8CVSS4.7AI score0.00598EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/11/01 12:0 a.m.15 views

Shop Page WP < 1.2.8 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of the Product fields, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Add/edit a product and put the following payload in the Product Affiliate URL, Custom Button Text...

4.8CVSS4.6AI score0.00598EPSS
Exploits2Affected Software1
Rows per page
Query Builder