CVE-2021-24632
Recipe Card Blocks < 2.8.1 - Reflected Cross-Site Scripting
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
27 Sep 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.1 does not escape the message parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
Affected products
Unknown · Recipe Card Blocks by WPZOOMWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →