Limited Black Friday Offer:

WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting CVE-2021-36873 Scanner

Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting CVE-2021-36873 Scanner Detail

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage.

https://patchstack.com/database/vulnerability/iq-block-country-/wordpress-iq-block-country-plugin-1-2-11-authenticated-persistent-cross-site-scripting-xss-vulnerability
https://wordpress.org/plugins/iq-block-country/#developers