Lucene search
WPScanCVELIST:CVE-2021-24613HistorySep 20, 2021 - 10:06 a.m.
CVE-2021-24613 Post Views Counter < 1.3.5 - Authenticated Stored XSS
2021-09-2010:06:35
CWE-79
WPScan
www.cve.org
3
wordpress
plugin
xss
security
EPSS
0.001
Percentile
24.8%
The Post Views Counter WordPress plugin before 1.3.5 does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the frontend even when the unfiltered_html capability is disallowed
CNA Affected
[
{
"product": "Post Views Counter",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.3.5",
"status": "affected",
"version": "1.3.5",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2021-09-20 10:15:00
wpvulndb
wpvulndb
Post Views Counter < 1.3.5 - Authenticated Stored XSS
2021-08-23 00:00:00
cve
cve
CVE-2021-24613
2021-09-20 10:15:09
wpexploit
wpexploit
Post Views Counter < 1.3.5 - Authenticated Stored XSS
2021-08-23 00:00:00
nvd
nvd
CVE-2021-24613
2021-09-20 10:15:09
openvas
openvas
WordPress Post Views Counter Plugin < 1.3.5 XSS Vulnerability
2021-10-12 00:00:00