{"vulnerability": "CVE-2021-24632", "sightings": [{"uuid": "c2a3dad1-28b7-41c5-9fb5-221ee4c75929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24632", "type": "seen", "source": "https://t.me/cibsecurity/29513", "content": "\u203c CVE-2021-24632 \u203c\n\nThe Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.1 does not escape the message parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-27T20:40:52.000000Z"}, {"uuid": "a07ee9f0-8a90-40f2-be8c-b3968901de97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24632", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/640", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for exploiting CVE-2021-36878 : Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings.\nURL\uff1ahttps://github.com/AlAIAL90/CVE-2021-24632", "creation_timestamp": "2021-10-05T10:21:27.000000Z"}]}