cleantalk
Vulnerabilities and Security Researches

iQ Block Country, CVE-2021-36873

CVE, Research URL

CVE-2021-36873

Home page URL

Security reports for iQ Block Country

Application

iQ Block Country

Published on
Sep 23, 2021
Research Description
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage.
Affected versions
max 1.2.12.
Status
vulnerable
Previous vulnerability researches
Block Country (CVE-2025-48077) , Nov 11, 2025
iQ Block Country (CVE-2022-1762) , Jun 06, 2024
iQ Block Country (CVE-2021-36873) , Jun 06, 2024
iQ Block Country (CVE-2022-41155) , Jun 06, 2024
iQ Block Country (CVE-2022-0246) , Jun 06, 2024
New vulnerability
Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim (CVE-2025-60188) , Nov 11, 2025
Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim (CVE-2025-60187) , Nov 11, 2025
Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim (CVE-2025-62895) , Nov 11, 2025
Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim (CVE-2025-60195) , Nov 11, 2025
Client Invoicing by Sprout Invoices &#8211; Easy Estimates and Invoices for WordPress (CVE-2025-64229) , Nov 11, 2025