Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:21 p.m.16 views

CVE-2021-24411

The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack...

6.1CVSS6AI score0.00412EPSS
Exploits2References1
OSV
OSV
added 2021/08/16 11:15 a.m.2 views

CVE-2021-24411

The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack...

6.1CVSS5.8AI score0.00412EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/08/16 10:48 a.m.34 views

CVE-2021-24411 Social Tape <= 1.0 - CSRF to Stored XSS

The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack...

6.2AI score0.00412EPSS
Exploits2References1
CVE
CVE
added 2021/08/16 10:48 a.m.52 views

CVE-2021-24411

CVE-2021-24411 affects the WordPress Social Tape plugin (versions up to 1.0). The vulnerability arises from missing CSRF checks when saving settings and lack of sanitization/escaping of those settings on output, leading to a stored XSS via a CSRF attack. Published details show an exploitable flow...

6.1CVSS6AI score0.00412EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/08/16 12:0 a.m.2 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in...

6.1CVSS5.9AI score0.00412EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2021/07/19 12:0 a.m.14 views

Social Tape <= 1.0 - CSRF to Stored XSS

The plugin does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack PoC...

4.3CVSS1.8AI score0.00412EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2021/07/19 12:0 a.m.29 views

WordPress Social Tape plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Ashish Upsham in WordPress Social Tape plugin versions = 1.0. Solution This plugin has been closed as of June 15, 2021 and is not available for download. Reason: Security Issue...

6.1CVSS2.7AI score0.00412EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2021/07/19 12:0 a.m.730 views

Social Tape <= 1.0 - CSRF to Stored XSS

The plugin does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack alert/XSS/' /...

4.3CVSS0.1AI score0.00412EPSS
Exploits2
Rows per page
Query Builder