Lucene search
China National Vulnerability DatabaseCNVD-2021-93366HistoryNov 21, 2021 - 12:00 a.m.
WordPress Elementor Plugin Cross-Site Scripting Vulnerability (CNVD-2021-93366)
2021-11-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
elementor
cross-site scripting
vulnerability
php
mysql
data validation
javascript
client side
cnvd-2021-93366
EPSS
0.001
Percentile
24.8%
WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. a security vulnerability exists in the WordPress Elementor plugin, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
Related
cvelist
cvelist
openvas
openvas
WordPress Starter Templates Plugin < 2.7.1 XSS Vulnerability
2021-12-06 00:00:00
nvd
nvd
CVE-2021-42360
2021-11-17 18:15:08
cve
cve
CVE-2021-42360
2021-11-17 18:15:08
wpvulndb
wpvulndb
Starter Templates < 2.7.1 - Contributor+ Block Import to Stored XSS
2021-11-11 00:00:00
wordfence
wordfence
Over 1 Million Sites Impacted by Vulnerability in Starter Templates Plugin
2021-11-11 15:01:24
patchstack
patchstack
prion
prion
Design/Logic Flaw
2021-11-17 18:15:00