Vulnerabilities > Wechat Reward Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-18	CVE-2021-24615	Cross-site Scripting vulnerability in Wechat Reward Project Wechat Reward 1.7 The Wechat Reward WordPress plugin through 1.7 does not sanitise or escape its QR settings, nor has any CSRF check in place, allowing attackers to make a logged in admin change the settings and perform Cross-Site Scripting attacks. network low complexity wechat-reward-project CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Wechat Reward Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wechat Reward Project"}]}

Vulnerabilities > Wechat Reward Project