Lucene search
K

4 matches found

OSV
OSV
added 2021/09/20 10:15 a.m.2 views

CVE-2021-24587

The Splash Header WordPress plugin before 1.20.8 doesn't sanitise and escape some of its settings while outputting them in the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...

5.4CVSS5.8AI score0.006EPSS
Exploits2References1
CVE
CVE
added 2021/09/20 10:6 a.m.59 views

CVE-2021-24587

CVE-2021-24587 affects the Splash Header WordPress plugin prior to version 1.20.8. The underlying issue is improper sanitisation/escaping of certain plugin settings when they are output in the admin dashboard, enabling authenticated stored Cross-Site Scripting (XSS). The documented impact is an a...

5.4CVSS5.2AI score0.006EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/09/20 12:0 a.m.4 views

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. WordPress Plugin A cross-site scripting vulnerability exists that stems from the Splash Header plugin prior to version 1.20.8 not clearing and escaping some of its settings when outputting in the admin dashboard, which leads to...

5.4CVSS5.4AI score0.006EPSS
Exploits2References2
Patchstack
Patchstack
added 2021/07/29 12:0 a.m.16 views

WordPress Splash Header plugin <= 1.20.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by xiahao in WordPress Splash Header plugin versions = 1.20.7. Solution Update the WordPress Splash Header plugin to the latest available version at least 1.20.8...

5.4CVSS2AI score0.006EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder