cleantalk

Vulnerabilities and Security Researches

Security report for CVE Simple Giveaways – Grow your business, email lists and traffic with contests > CVE-2021-24298

CVE, Research URL

CVE-2021-24298

Home page URL

Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests

Application

Simple Giveaways – Grow your business, email lists and traffic with contests

Published on
May 24, 2021
Research Description
The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS
Affected versions
Min -, max 2.18.0.
Status
vulnerable
Previous vulnerability researches
Simple Giveaways – Grow your business, email lists and traffic with contests (CVE-2023-23893) , Jun 10, 2024
Simple Giveaways – Grow your business, email lists and traffic with contests (CVE-2022-4974) , Nov 15, 2024
Simple Giveaways – Grow your business, email lists and traffic with contests (CVE-2021-24298) , Jun 07, 2024
Simple Giveaways – Grow your business, email lists and traffic with contests (CVE-2023-1121) , Jun 07, 2024
Simple Giveaways – Grow your business, email lists and traffic with contests (CVE-2023-1122) , Jun 07, 2024
New vulnerability
Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time (CVE-2024-13841) , Feb 09, 2025
LikeBot – Decentralized like-system (CVE-2025-0522) , Feb 09, 2025
BookPress – For Book Authors (CVE-2025-25167) , Feb 09, 2025
Music Sheet Viewer (CVE-2025-25155) , Feb 09, 2025
Listings for Appfolio (CVE-2025-22658) , Feb 07, 2025