Lucene search
China National Vulnerability DatabaseCNVD-2021-59602HistoryJun 29, 2021 - 12:00 a.m.
WordPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-59602)
2021-06-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
wordpress
cross-site scripting
membership & learning management system
version 4.21.1
php
vulnerability
EPSS
0.001
Percentile
24.8%
WordPress is a blogging platform developed by the WordPress (Wordpress) Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress Membership & Learning Management System Plugin for WordPress plugin prior to version 4.21.1, which stems from the plugin generating links for editing The vulnerability is caused by a reflection-based cross-site scripting issue when the plugin does not properly filter, validate, or encode query strings when generating links for editing a user’s own profile. No details of the vulnerability are currently available.
Related
openvas
openvas
WordPress Ultimate Member Plugin < 2.1.20 XSS Vulnerability
2021-06-29 00:00:00
prion
prion
Cross site scripting
2021-05-24 11:15:00
cvelist
cvelist
wpvulndb
wpvulndb
wpexploit
wpexploit
patchstack
patchstack
nvd
nvd
CVE-2021-24306
2021-05-24 11:15:08
osv
osv
CVE-2021-24306
2021-05-24 11:15:08
cve
cve
CVE-2021-24306
2021-05-24 11:15:08