Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-11-21

CVE-2022-0471 - Favicon By Realfavicongenerator Plugin

The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 does not properly sanitise and escape the json_result_url parameter before outputting it back in the Favicon admin dashboard, leading to a Reflected Cross-Site Scripting issue

PLUGIN Favicon By Realfavicongenerator

CVE-2022-0471

MEDIUM CVSS 6.1 2022-04-11

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2021-24437 - Favicon By Realfavicongenerator Plugin

The Favicon by RealFaviconGenerator WordPress plugin through 1.3.20 does not sanitise or escape one of its parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting (XSS) which is executed in the context of a logged administrator.

PLUGIN Favicon By Realfavicongenerator

CVE-2021-24437

MEDIUM CVSS 6.1 2021-08-30

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2022-0471 - Favicon By Realfavicongenerator Plugin

CVE-2021-24437 - Favicon By Realfavicongenerator Plugin

Company Links

Contact Us