Lucene search
WpvulndbWPVDB-ID:ECC70F36-DD93-403F-9317-88B3D0CA2878HistoryDec 14, 2021 - 12:00 a.m.
Real WYSIWYG <= 0.0.2 - Reflected Cross-Site Scripting
2021-12-1400:00:00
wpscan.com
4
0.001 Low
EPSS
Percentile
26.2%
The plugin is vulnerable to Reflected Cross-Site Scripting due to the use of PHP_SELF in the ~/real-wysiwyg.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| real-wysiwyg | eq | * |
Related
patchstack
patchstack
prion
prion
Cross site scripting
2021-12-14 16:15:00
cve
cve
CVE-2021-39310
2021-12-14 16:15:08
nvd
nvd
CVE-2021-39310
2021-12-14 16:15:08
cnvd
cnvd
WordPress Real WYSIWYG plugin cross-site scripting vulnerability
2021-12-19 00:00:00
cvelist
cvelist
CVE-2021-39310 Real WYSIWYG <= 0.0.2 Reflected Cross-Site Scripting
2021-12-13 00:00:00