{"containers":{"cna":{"affected":[{"product":"Smart SEO Tool – SEO优化插件","vendor":"Unknown","versions":[{"lessThan":"3.0.6","status":"affected","version":"3.0.6","versionType":"custom"}]}],"credits":[{"lang":"en","value":"lnsmile"}],"descriptions":[{"lang":"en","value":"The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"CWE-79 Cross-site Scripting (XSS)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-01-24T08:01:02.000Z","orgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","shortName":"WPScan"},"references":[{"tags":["x_refsource_MISC"],"url":"https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"},{"tags":["x_refsource_CONFIRM"],"url":"https://plugins.trac.wordpress.org/changeset/2637305"}],"source":{"discovery":"EXTERNAL"},"title":"Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting","x_generator":"WPScan CVE Generator","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"contact@wpscan.com","ID":"CVE-2021-24976","STATE":"PUBLIC","TITLE":"Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Smart SEO Tool – SEO优化插件","version":{"version_data":[{"version_affected":"<","version_name":"3.0.6","version_value":"3.0.6"}]}}]},"vendor_name":"Unknown"}]}},"credit":[{"lang":"eng","value":"lnsmile"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting"}]},"generator":"WPScan CVE Generator","problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-79 Cross-site Scripting (XSS)"}]}]},"references":{"reference_data":[{"name":"https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0","refsource":"MISC","url":"https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"},{"name":"https://plugins.trac.wordpress.org/changeset/2637305","refsource":"CONFIRM","url":"https://plugins.trac.wordpress.org/changeset/2637305"}]},"source":{"discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T19:49:14.366Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://plugins.trac.wordpress.org/changeset/2637305"}]}]},"cveMetadata":{"assignerOrgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","assignerShortName":"WPScan","cveId":"CVE-2021-24976","datePublished":"2022-01-24T08:01:02.000Z","dateReserved":"2021-01-14T00:00:00.000Z","dateUpdated":"2024-08-03T19:49:14.366Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}