Lucene search
China National Vulnerability DatabaseCNVD-2021-101994HistoryDec 18, 2021 - 12:00 a.m.
WordPress Get Custom Field Values plugin cross-site scripting vulnerability
2021-12-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
25.0%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. Get Custom Field Values Plugin is a WordPress open source application plugin. WordPress Get Custom Field Values Plugin has a cross-site scripting vulnerability in versions prior to 4.0.1, which stems from Lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress get custom field values plugin | lt | 4.0.1 |
Related
wpexploit
wpexploit
Get Custom Field Values < 4.0.1 - Contributor+ Stored Cross-Site Scripting
2021-11-09 00:00:00
patchstack
patchstack
osv
osv
CVE-2021-24871
2021-12-13 11:15:09
cvelist
cvelist
wpvulndb
wpvulndb
Get Custom Field Values < 4.0.1 - Contributor+ Stored Cross-Site Scripting
2021-11-09 00:00:00
cve
cve
CVE-2021-24871
2021-12-13 11:15:09
prion
prion
Cross site scripting
2021-12-13 11:15:00
nvd
nvd
CVE-2021-24871
2021-12-13 11:15:09