Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitNguyen Anh TienWPEX-ID:C234700E-61DD-46A0-90FB-609E704269A9
HistoryMar 16, 2021 - 12:00 a.m.

SEO Redirection < 6.4 - Authenticated Reflected Cross-Site Scripting (XSS)

2021-03-1600:00:00
Nguyen Anh Tien
300

0.001 Low

EPSS

Percentile

24.8%

JSON

The setting page of the plugin is vulnerable to reflected Cross-Site Scripting (XSS) as user input is not properly sanitised before being output in an attribute. Timeline (WPScanTeam) January 29th, 2021 - Report received & Confirmed & Escalated to WordPress plugins Team (who confirmed to have received the report) March 16th, 2021 - No updates, disclosing April 18th, 2021 - v6.4 released, fixing the issue

The PoC will be displayed on May 02, 2021, to give users the time to update.

Related

cve 1
wpvulndb 1
cvelist 1
nvd 1
prion 1
cve
cve
CVE-2021-24187
2021-04-05 19:15:16
wpvulndb
wpvulndb
SEO Redirection < 6.4 - Authenticated Reflected Cross-Site Scripting (XSS)
2021-03-16 00:00:00
cvelist
cvelist
CVE-2021-24187 SEO Redirection < 6.4 - Authenticated Reflected Cross-Site Scripting (XSS)
2021-04-05 18:27:45
nvd
nvd
CVE-2021-24187
2021-04-05 19:15:16
prion
prion
Cross site scripting
2021-04-05 19:15:00

0.001 Low

EPSS

Percentile

24.8%

JSON
Related for WPEX-ID:C234700E-61DD-46A0-90FB-609E704269A9
cve1wpvulndb1cvelist1nvd1prion1