Lucene search
NeppahWPVDB-ID:3E262CD7-CA64-4190-8D8C-38B07BBE63E0HistorySep 20, 2021 - 12:00 a.m.
GamePress <= 1.1.0 - Reflected Cross-Site Scripting
2021-09-2000:00:00
Neppah
wpscan.com
8
0.001 Low
EPSS
Percentile
31.7%
The plugin does not escape the op_edit POST parameter before outputting it back in multiple Game Option pages, leading to Reflected Cross-Site Scripting issues
PoC
Affected pages: op=engines, op=perspectives, op=modes, op=genres, op=themes, op=platforms
Related
cnvd
cnvd
wpexploit
wpexploit
GamePress <= 1.1.0 - Reflected Cross-Site Scripting
2021-09-20 00:00:00
prion
prion
Cross site scripting
2021-10-18 14:15:00
cvelist
cvelist
CVE-2021-24617 GamePress <= 1.1.0 - Reflected Cross-Site Scripting
2021-10-18 13:45:49
cve
cve
CVE-2021-24617
2021-10-18 14:15:09
patchstack
patchstack
nvd
nvd
CVE-2021-24617
2021-10-18 14:15:09