CVE-2021-24287

{"id": "CVE-2021-24287", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2021-05-14T12:15:08.490", "references": [{"url": "http://packetstormsecurity.com/files/164327/WordPress-Select-All-Categories-And-Taxonomies-1.3.1-Cross-Site-Scripting.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/56e1bb56-bfc5-40dd-b2d0-edef43d89bdf", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "http://packetstormsecurity.com/files/164327/WordPress-Select-All-Categories-And-Taxonomies-1.3.1-Cross-Site-Scripting.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://wpscan.com/vulnerability/56e1bb56-bfc5-40dd-b2d0-edef43d89bdf", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "contact@wpscan.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin before 1.3.2 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue"}, {"lang": "es", "value": "La p\u00e1gina de configuraci\u00f3n del plugin de WordPress Select All Categories and Taxonomies, Change Checkbox to Radio Buttons versiones anteriores a 1.3.2, no sanea apropiadamente el par\u00e1metro tab antes de devolverlo, conllevando a un problema de tipo Cross-Site Scripting reflejado"}], "lastModified": "2024-11-21T05:52:45.953", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mooveagency:select_all_categories_and_taxonomies\\,_change_checkbox_to_radio_buttons:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "4168892F-8BC7-4BA3-8BE7-1DBD516B3DFF", "versionEndExcluding": "1.3.2"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}