CVE-2021-36919

Type: 

Cross-Site Scripting (XSS)

Severity: 

Low

Publication date: 

11/26/2021

Last modified: 

12/02/2021

Description

Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome Support plugin (versions

Impact

Access Vector: Through network

Access Complexity: Media

Authentication: Requires a single instance to exploit

Impact Type: Partially affects on system integrity + No impact on system confidentiality + No impact on system availability

Vulnerable software and versions

• cpe:2.3:a:getawesomesupport:awesome_support:*:*:*:*:*:wordpress:*:*

To consult the complete list of products and versions see this page

References to Advisories, Solutions, and Tools

• https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-plugin-6-0-6-multiple-authenticated-reflected-cross-site-scripting-xss-vulnerabilities (Source: MISC)
• https://wordpress.org/plugins/awesome-support/#developers (Source: CONFIRM)

Explanation of fields