Skip to main content

Glass

2 CVEs product

Monthly

CVE-2021-24434 MEDIUM POC This Month

The Glass WordPress plugin through 1.3.2 does not sanitise or escape its "Glass Pages" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress XSS Glass
NVD WPScan
CVSS 3.1
6.1
EPSS
0.4%
CVE-2013-4872 MEDIUM This Month

Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Google Glass
NVD
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

The Glass WordPress plugin through 1.3.2 does not sanitise or escape its "Glass Pages" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress XSS +1
NVD WPScan
EPSS 0% CVSS 6.9
MEDIUM This Month

Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Google Glass
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy