Vulnerabilities

CVE-2021-24807

by Fred · 08/11/2021

The Support Board WordPress plugin before 3.3.5 allows Authenticated (Agent+) users to perform Cross-Site Scripting attacks by placing a payload in the notes field, when an administrator or any authenticated user go to the chat the XSS will be automatically executed.

Date published : 2021-11-08

https://github.com/itsjeffersonli/CVE-2021-24807

https://medium.com/@lijohnjefferson/cve-2021-24807-6bc22af2a444

Similar

Tags: Cybersecurity Alert