CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24534

The PhoneTrack Meu Site Manager WordPress plugin through 0.1 does not sanitise or escape its "php_id" setting before outputting it back in an attribute in the page, leading to a stored Cross-Site Scripting issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://wpscan.com/vulnerability/b968b9a1-67f3-4bef-a3d3-6e8942bb6570
https://wpscan.com/vulnerability/b968b9a1-67f3-4bef-a3d3-6e8942bb6570

Products affected by CVE-2021-24534

Phonetrack » Phonetrack Meu Site Manager » Version: N/A

cpe:2.3:a:phonetrack:phonetrack_meu_site_manager:-
Phonetrack » Phonetrack Meu Site Manager » Version: 0.1

cpe:2.3:a:phonetrack:phonetrack_meu_site_manager:0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24534

Products

Pricing

Contact Us