Lucene search
WpvulndbWPVDB-ID:84B14B5C-FB1C-4771-B061-4F531C187C0BHistoryDec 13, 2021 - 12:00 a.m.
Comment Engine Pro <= 1.0 - Editor+ Stored Cross-Site Scripting
2021-12-1300:00:00
wpscan.com
21
comment engine pro
stored cross-site scripting
editor.
EPSS
0.001
Percentile
19.4%
The plugin does not sanitise and escape some parameters, allowing high privilege users such as editor (and above) to perform Stored Cross-Site Scripting attacks
Related
nvd
nvd
CVE-2021-36911
2021-12-10 17:15:07
cve
cve
CVE-2021-36911
2021-12-10 17:15:07
cvelist
cvelist
prion
prion
Cross site scripting
2021-12-10 17:15:00
patchstack
patchstack