admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/24xxx/CVE-2021-24623.json
erwanlr d19591e5f7 Adds CVEs
2021-09-13 15:45:47 +02:00

75 lines
2.0 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ID": "CVE-2021-24623",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WordPress Advanced Ticket System < 1.0.64 - Authenticated Stored Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WordPress Advanced Ticket System, Elite Support Helpdesk",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.64",
"version_value": "1.0.64"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress Advanced Ticket System, Elite Support Helpdesk WordPress plugin before 1.0.64 does not sanitize or escape form values before saving to the database or when outputting, which allows high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/41d9027c-a982-44c7-889e-721333496b5c",
"name": "https://wpscan.com/vulnerability/41d9027c-a982-44c7-889e-721333496b5c"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Tri Wanda Septian"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
Reference in New Issue View Git Blame Copy Permalink