mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-26 01:07:59 +02:00
0xMarcio
1.0 KiB
1.0 KiB
CVE-2021-24246
&color=brighgreen)
Description
The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscout_send_message_chat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues
POC
Reference
- https://wpscan.com/vulnerability/2365a9d0-f6f4-4602-9804-5af23d0cb11d
- https://wpscan.com/vulnerability/2365a9d0-f6f4-4602-9804-5af23d0cb11d
Github
No PoCs found on GitHub currently.