Mortgage Calculators WP < 1.56 Admin Stored Cross-Site Scripting vulnerabilit
Reporter | Title | Published | Views | Family All 10 |
---|---|---|---|---|
![]() | WordPress Mortgage Calculators WP Cross-Site Scripting Vulnerability | 8 Mar 202200:00 | – | cnvd |
![]() | CVE-2021-24904 Mortgage Calculators WP < 1.56 - Admin+ Stored Cross-Site Scripting | 14 Feb 202209:20 | – | cvelist |
![]() | Cross site scripting | 14 Feb 202212:15 | – | prion |
![]() | Mortgage Calculators WP < 1.56 - Admin+ Stored Cross-Site Scripting | 11 Jan 202200:00 | – | wpvulndb |
![]() | WordPress Mortgage Calculators WP 1.52 Plugin - Stored Cross-Site Scripting Vulnerability | 27 Jan 202200:00 | – | zdt |
![]() | WordPress Mortgage Calculators WP 1.52 Cross Site Scripting | 27 Jan 202200:00 | – | packetstorm |
![]() | CVE-2021-24904 | 14 Feb 202212:15 | – | nvd |
![]() | WordPress Mortgage Calculators WP plugin <= 1.55 - Stored Cross-Site Scripting (XSS) vulnerability | 11 Jan 202200:00 | – | patchstack |
![]() | WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting (XSS) (Authenticated) | 27 Jan 202200:00 | – | exploitdb |
![]() | CVE-2021-24904 | 14 Feb 202212:15 | – | cve |
1. Go to settings page available under the "Calculator" menu item.
2. Click the "Select Color" button and type the following payload the input space: </style></head><script>alert(/XSS/)</script>
3. Click the "Save Changes" button to save settings.
4. Create a new page and add the shortcode ([mcwp type="cv"]) of the calculator, for testing.
5. Visit the page to trigger XSS.
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo