CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-24488

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile14.05th
Published2021年8月2日
Last Modified2024年11月21日

Vulnerability Description

The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues

Affected Platforms (CPE)

📦
Pickplugins

Post Grid

< 2.1.8

References & Advisories

🔗 https://wpscan.com/vulnerability/1fc0aace-ba85-4939-9007-d150960add4a
🔗 https://wpscan.com/vulnerability/1fc0aace-ba85-4939-9007-d150960add4a

相關漏洞威脅

CVE-2021-44508.8

The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in versions up to, and including, 2.1.12...

CVE-2020-359367.5

Stored Cross-Site Scripting (XSS) vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated a...

CVE-2020-359387.5

PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to i...

CVE-2021-246526.5

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 performs incorrect checks before allowing any logged in ...

CVE-2021-24488 Detail & Impact Analysis | CVSS 6.1 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space