CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24828

The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.9%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://wpscan.com/vulnerability/6f9d1ee5-7ed7-4304-96a2-611b2f0081d2
https://wpscan.com/vulnerability/6f9d1ee5-7ed7-4304-96a2-611b2f0081d2

Products affected by CVE-2021-24828

Mlcalc » Mortgage Calculator/loan Calculator » Version: Any

cpe:2.3:a:mlcalc:mortgage_calculator/loan_calculator:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24828

Products

Pricing

Contact Us