CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24899

The Media-Tags WordPress plugin through 3.2.0.2 does not sanitise and escape any of its Labels settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_htnl capability is disallowed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.2%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://wpscan.com/vulnerability/cf4b266c-d68e-4add-892a-d01a31987a4b
https://wpscan.com/vulnerability/cf4b266c-d68e-4add-892a-d01a31987a4b

Products affected by CVE-2021-24899

Media-Tags Project » Media-Tags » Version: Any

cpe:2.3:a:media-tags_project:media-tags:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24899

Products

Pricing

Contact Us