Lucene search
PRIOn knowledge basePRION:CVE-2021-24789HistoryNov 01, 2021 - 9:15 a.m.
Cross site scripting
2021-11-0109:15:00
PRIOn knowledge base
www.prio-n.com
8
0.001 Low
EPSS
Percentile
24.8%
The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
| CPE | Name | Operator | Version |
|---|---|---|---|
| flat_preloader | lt | 1.5.5 |
Related
cve
cve
CVE-2021-24789
2021-11-01 09:15:09
cvelist
cvelist
CVE-2021-24789 Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting
2021-11-01 08:46:23
nvd
nvd
CVE-2021-24789
2021-11-01 09:15:09
cnvd
cnvd
WordPress Flat Preloader plugin cross-site scripting vulnerability
2021-11-04 00:00:00
wpvulndb
wpvulndb
Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting
2021-09-28 00:00:00
patchstack
patchstack
wpexploit
wpexploit
Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting
2021-09-28 00:00:00