CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-3124

Stored cross-site scripting (XSS) in form field in robust.systems product Custom Global Variables v 1.0.5 allows a remote attacker to inject arbitrary code via the vars[0][name] field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://db.threatpress.com/vulnerability/custom-global-variables/wordpress-custom-global-variables-plugin-1-0-5-stored-cross-site-scripting-xss-vulnerability
https://www.exploit-db.com/exploits/49406
https://db.threatpress.com/vulnerability/custom-global-variables/wordpress-custom-global-variables-plugin-1-0-5-stored-cross-site-scripting-xss-vulnerability
https://www.exploit-db.com/exploits/49406

Products affected by CVE-2021-3124

Newtarget » Custom Global Variables » Version: 1.0.5

cpe:2.3:a:newtarget:custom_global_variables:1.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3124

Products

Pricing

Contact Us