Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage.
References
Link | Resource |
---|---|
https://wordpress.org/plugins/iq-block-country/#developers | Third Party Advisory |
https://patchstack.com/database/vulnerability/iq-block-country-/wordpress-iq-block-country-plugin-1-2-11-authenticated-persistent-cross-site-scripting-xss-vulnerability | Third Party Advisory |
Configurations
Information
Published : 2021-09-23 10:15
Updated : 2021-09-28 17:28
NVD link : CVE-2021-36873
Mitre link : CVE-2021-36873
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
webence
- iq_block_country