WP RSS Aggregator < 4.19.3 - Subscriber+ Stored Cross-Site Scripting. Lack of data sanitisation, privilege escalation via wprss_dismiss_addon_notice AJAX action
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
Prion | Cross site request forgery (csrf) | 27 Dec 202111:15 | – | prion |
CVE | CVE-2021-24988 | 27 Dec 202111:15 | – | cve |
wpexploit | WP RSS Aggregator < 4.19.3 - Subscriber+ Stored Cross-Site Scripting | 29 Nov 202100:00 | – | wpexploit |
Patchstack | WordPress WP RSS Aggregator plugin <= 4.19.2 - Stored Cross-Site Scripting (XSS) vulnerability | 29 Nov 202100:00 | – | patchstack |
CNVD | WordPress WP RSS Aggregator plugin cross-site scripting vulnerability | 28 Dec 202100:00 | – | cnvd |
Cvelist | CVE-2021-24988 WP RSS Aggregator < 4.19.3 - Subscriber+ Stored Cross-Site Scripting | 27 Dec 202110:33 | – | cvelist |
NVD | CVE-2021-24988 | 27 Dec 202111:15 | – | nvd |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo