Wp24 Domain Check
by WordPress
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-24602 | Hig | 0.46 | 7.1 | 0.00 | Feb 4, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP24 WP24 Domain Check wp24-domain-check allows Reflected XSS.This issue affects WP24 Domain Check: from n/a through <= 1.10.14. | ||
| CVE-2021-24926 | Med | 0.44 | 6.1 | 0.13 | Feb 1, 2022 | The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue | ||
| CVE-2021-47984 | Med | 0.42 | 6.4 | 0.00 | Jun 8, 2026 | WordPress Plugin WP24 Domain Check 1.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the fieldnameDomain parameter. Attackers can inject JavaScript payloads through the plugin… |
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP24 WP24 Domain Check wp24-domain-check allows Reflected XSS.This issue affects WP24 Domain Check: from n/a through <= 1.10.14.
- risk 0.44cvss 6.1epss 0.13
The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue
- risk 0.42cvss 6.4epss 0.00
WordPress Plugin WP24 Domain Check 1.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the fieldnameDomain parameter. Attackers can inject JavaScript payloads through the plugin…