CVEs-PoC/2021/CVE-2021-24276.md at 860e02050fe0cfa14d092faefbaafd5bd449bbcb

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-22 18:09:40 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The Contact Form by Supsystic WordPress plugin before 1.7.15 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue

POC

Reference

http://packetstormsecurity.com/files/164308/WordPress-Contact-Form-1.7.14-Cross-Site-Scripting.html
https://wpscan.com/vulnerability/1301123c-5e63-432a-ab90-3221ca532d9c

Github

https://github.com/20142995/nuclei-templates
https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates

973 B Raw Blame History

CVE-2021-24276

Description

POC

Reference

Github

973 B

Raw Blame History