Lucene search
JrXnmWPVDB-ID:8E53F15E-8B6A-4D47-A40D-4EBBE6934286HistoryNov 18, 2021 - 12:00 a.m.
Child Theme Generator <= 2.2.7 - Reflected Cross-Site Scripting
2021-11-1800:00:00
JrXnm
wpscan.com
7
0.001 Low
EPSS
Percentile
25.0%
The plugin does not sanitise escape the parade parameter before outputting it back, leading to a Reflected Cross-Site Scripting in the admin dashboard
PoC
| CPE | Name | Operator | Version |
|---|---|---|---|
| child-theme-generator | eq | * |
Related
cve
cve
CVE-2021-24982
2022-03-14 15:15:08
cvelist
cvelist
cnvd
cnvd
WordPress Child Theme Generator plugin cross-site scripting vulnerability
2022-03-16 00:00:00
prion
prion
Cross site scripting
2022-03-14 15:15:00
nvd
nvd
CVE-2021-24982
2022-03-14 15:15:08
patchstack
patchstack
wpexploit
wpexploit
Child Theme Generator <= 2.2.7 - Reflected Cross-Site Scripting
2021-11-18 00:00:00