CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Bluemedicinelabs: >> Hotjar Connecticator Security Vulnerabilities

CVE-2021-24301

The Hotjar Connecticator WordPress plugin through 1.1.1 is vulnerable to Stored Cross-Site Scripting (XSS) in the 'hotjar script' textarea. The request did include a CSRF nonce that was properly verified by the server and this vulnerability could only be exploited by administrator users.

CVSS Score

5.4

EPSS Score

0.002

Published

2021-05-24

Page 1

Vulnerabilities

Vulnerable Software

Bluemedicinelabs: >> Hotjar Connecticator Security Vulnerabilities

Products

Pricing

Contact Us