Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical1
High0
Medium2
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2024-11-21

CVE-2021-24297 - Goto Theme

The Goto WordPress theme before 2.1 did not properly sanitize the formvalue JSON POST parameter in its tl_filter AJAX action, leading to an unauthenticated Reflected Cross-site Scripting (XSS) vulnerability.

THEME Goto

CVE-2021-24297

MEDIUM CVSS 6.1 2021-05-24
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-24314 - Goto Theme

The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it in a SQL statement, leading to an Unauthenticated SQL injection issue

THEME Goto

CVE-2021-24314

CRITICAL CVSS 9.8 2021-05-17
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-24235 - Goto Theme

The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.

THEME Goto

CVE-2021-24235

MEDIUM CVSS 6.1 2021-04-22
Open Full Technical Breakdown
Scroll to top