CVE-2021-36919: XSS
First published: Fri Nov 26 2021(Updated: )
Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome Support plugin (versions <= 6.0.6), vulnerable parameters (&id, &assignee).
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Getawesomesupport Awesome Support | <=6.0.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-36919?
CVE-2021-36919 is a vulnerability known as Multiple Authenticated Reflected Cross-Site Scripting (XSS) in the WordPress Awesome Support plugin.
What is the severity of CVE-2021-36919?
The severity of CVE-2021-36919 is medium with a CVSS score of 5.4.
Which versions of the WordPress Awesome Support plugin are affected by CVE-2021-36919?
Versions up to and including 6.0.6 of the WordPress Awesome Support plugin are affected by CVE-2021-36919.
What is the Common Weakness Enumeration (CWE) ID associated with CVE-2021-36919?
The Common Weakness Enumeration (CWE) ID associated with CVE-2021-36919 is CWE-79.
Are there any references or resources for CVE-2021-36919?
Yes, you can find more information about CVE-2021-36919 and possible solutions in the following references: [link1](https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-plugin-6-0-6-multiple-authenticated-reflected-cross-site-scripting-xss-vulnerabilities) and [link2](https://wordpress.org/plugins/awesome-support/#developers).
- collector/nvd-index
- vendor/getawesomesupport
- canonical/getawesomesupport awesome support
- version/getawesomesupport awesome support/6.0.6