https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 13 Jun 2026 08:39:40 +0000 https://vulnerability.circl.lu/sighting/48e0a7fb-4eb8-4fd9-b229-6c569b8e0417/export {"uuid": "48e0a7fb-4eb8-4fd9-b229-6c569b8e0417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24879", "type": "seen", "source": "https://t.me/cibsecurity/36949", "content": "\u203c CVE-2021-24879 \u203c\n\nThe SupportCandy WordPress plugin before 2.2.7 does not have CSRF check in the wpsc_tickets AJAX action, nor has any sanitisation or escaping in some of the filter fields which could allow attackers to make a logged in user having access to the ticket lists dashboard set an arbitrary filter (stored in their cookies) with an XSS payload in it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-07T18:35:01.000000Z"} {"uuid": "48e0a7fb-4eb8-4fd9-b229-6c569b8e0417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24879", "type": "seen", "source": "https://t.me/cibsecurity/36949", "content": "\u203c CVE-2021-24879 \u203c\n\nThe SupportCandy WordPress plugin before 2.2.7 does not have CSRF check in the wpsc_tickets AJAX action, nor has any sanitisation or escaping in some of the filter fields which could allow attackers to make a logged in user having access to the ticket lists dashboard set an arbitrary filter (stored in their cookies) with an XSS payload in it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-07T18:35:01.000000Z"} https://vulnerability.circl.lu/sighting/48e0a7fb-4eb8-4fd9-b229-6c569b8e0417/export Mon, 07 Feb 2022 18:35:01 +0000