Lucene search
China National Vulnerability DatabaseCNVD-2022-19838HistoryJan 26, 2022 - 12:00 a.m.
WordPress Smart SEO Tool plugin cross-site scripting vulnerability
2022-01-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
smart seo tool
plugin
cross-site scripting
vulnerability
php
mysql
client side
javascript
version 3.0.6
EPSS
0.001
Percentile
31.7%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions prior to 3.0.6 of the Smart SEO Tool plugin for WordPress, which stems from the fact that search parameters are not cleaned up and escaped before being output back to properties. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
Related
patchstack
patchstack
nvd
nvd
CVE-2021-24976
2022-01-24 08:15:09
wpvulndb
wpvulndb
Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
2021-12-22 00:00:00
cve
cve
CVE-2021-24976
2022-01-24 08:15:09
prion
prion
Cross site scripting
2022-01-24 08:15:00
cvelist
cvelist
CVE-2021-24976 Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
2022-01-24 08:01:02
wpexploit
wpexploit
Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
2021-12-22 00:00:00