Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Ivory Search – WordPress Search Plugin by Unknown

    CVE-2021-25105 (GCVE-0-2021-25105)

    Vulnerability from nvd – Published: 2022-02-07 15:47 – Updated: 2024-08-03 19:56
    VLAI
    Title
    Ivory Search < 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting
    Summary
    The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
    Severity
    No CVSS data available.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unknown Ivory Search – WordPress Search Plugin Affected: 5.4.1 , < 5.4.1 (custom)
    Create a notification for this product.
    Credits
    Yoru Oni
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:56:10.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ivory Search \u2013 WordPress Search Plugin",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "5.4.1",
                  "status": "affected",
                  "version": "5.4.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yoru Oni"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-07T15:47:22.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Ivory Search \u003c 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-25105",
              "STATE": "PUBLIC",
              "TITLE": "Ivory Search \u003c 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ivory Search \u2013 WordPress Search Plugin",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.4.1",
                                "version_value": "5.4.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Yoru Oni"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f",
                  "refsource": "MISC",
                  "url": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-25105",
        "datePublished": "2022-02-07T15:47:22.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:56:10.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-24234 (GCVE-0-2021-24234)

    Vulnerability from nvd – Published: 2021-04-22 21:00 – Updated: 2024-08-03 19:21
    VLAI
    Title
    Ivory Search < 4.6.1 - Reflected Cross Site Scripting (XSS)
    Summary
    The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to conduct the attack.
    Severity
    No CVSS data available.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Unknown Ivory Search – WordPress Search Plugin Affected: 4.6.1 , < 4.6.1 (custom)
    Create a notification for this product.
    Credits
    Jinson Varghese Behanan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:21:18.676Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ivory Search \u2013 WordPress Search Plugin",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "4.6.1",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jinson Varghese Behanan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to conduct the attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-22T21:00:50.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Ivory Search \u003c 4.6.1 - Reflected Cross Site Scripting (XSS)",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-24234",
              "STATE": "PUBLIC",
              "TITLE": "Ivory Search \u003c 4.6.1 - Reflected Cross Site Scripting (XSS)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ivory Search \u2013 WordPress Search Plugin",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "4.6.1",
                                "version_value": "4.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Jinson Varghese Behanan"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to conduct the attack."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835",
                  "refsource": "CONFIRM",
                  "url": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835"
                },
                {
                  "name": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/",
                  "refsource": "MISC",
                  "url": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/"
                },
                {
                  "name": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/",
                  "refsource": "MISC",
                  "url": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-24234",
        "datePublished": "2021-04-22T21:00:50.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:21:18.676Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-25105 (GCVE-0-2021-25105)

    Vulnerability from cvelistv5 – Published: 2022-02-07 15:47 – Updated: 2024-08-03 19:56
    VLAI
    Title
    Ivory Search < 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting
    Summary
    The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
    Severity
    No CVSS data available.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unknown Ivory Search – WordPress Search Plugin Affected: 5.4.1 , < 5.4.1 (custom)
    Create a notification for this product.
    Credits
    Yoru Oni
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:56:10.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ivory Search \u2013 WordPress Search Plugin",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "5.4.1",
                  "status": "affected",
                  "version": "5.4.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yoru Oni"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-07T15:47:22.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Ivory Search \u003c 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-25105",
              "STATE": "PUBLIC",
              "TITLE": "Ivory Search \u003c 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ivory Search \u2013 WordPress Search Plugin",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.4.1",
                                "version_value": "5.4.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Yoru Oni"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f",
                  "refsource": "MISC",
                  "url": "https://wpscan.com/vulnerability/a9ab9e84-7f5e-4e7c-8647-114d9e02e59f"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-25105",
        "datePublished": "2022-02-07T15:47:22.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:56:10.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-24234 (GCVE-0-2021-24234)

    Vulnerability from cvelistv5 – Published: 2021-04-22 21:00 – Updated: 2024-08-03 19:21
    VLAI
    Title
    Ivory Search < 4.6.1 - Reflected Cross Site Scripting (XSS)
    Summary
    The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to conduct the attack.
    Severity
    No CVSS data available.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Unknown Ivory Search – WordPress Search Plugin Affected: 4.6.1 , < 4.6.1 (custom)
    Create a notification for this product.
    Credits
    Jinson Varghese Behanan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:21:18.676Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ivory Search \u2013 WordPress Search Plugin",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "4.6.1",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jinson Varghese Behanan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to conduct the attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-22T21:00:50.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Ivory Search \u003c 4.6.1 - Reflected Cross Site Scripting (XSS)",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2021-24234",
              "STATE": "PUBLIC",
              "TITLE": "Ivory Search \u003c 4.6.1 - Reflected Cross Site Scripting (XSS)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ivory Search \u2013 WordPress Search Plugin",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "4.6.1",
                                "version_value": "4.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Jinson Varghese Behanan"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to conduct the attack."
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835",
                  "refsource": "CONFIRM",
                  "url": "https://wpscan.com/vulnerability/ecc620be-8e29-4860-9d32-86b5814a3835"
                },
                {
                  "name": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/",
                  "refsource": "MISC",
                  "url": "https://www.getastra.com/blog/911/plugin-exploit/reflected-xss-vulnerability-in-ivory-search-wp-plugin/"
                },
                {
                  "name": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/",
                  "refsource": "MISC",
                  "url": "https://www.jinsonvarghese.com/reflected-xss-vulnerability-found-in-ivory-search-plugin/"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2021-24234",
        "datePublished": "2021-04-22T21:00:50.000Z",
        "dateReserved": "2021-01-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:21:18.676Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }