Security Advisory

CVE-2021-24246

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-05 18:39:43

Last updated 2024-08-03 19:21:18

Assigner WPScan

State PUBLISHED

Description

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscout_send_message_chat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues

← Browse all CVEs View on cve.org ↗