Yandex Turbo
Approved changes feed: RSS · Atom
cpe:2.3:a:yandex:yandex_turbo:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Yandex (694d67c2-958c-56da-ba5e-25307fedecef) |
|---|---|
| Product | Yandex Turbo (bfd45dc1-454c-5197-acea-8702a580d944) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-24428 |
vulnerable | 2026-06-03 14:43:57.118795 |
RSS for Yandex Turbo <= 1.30 - Authenticated Stored XSS
The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed.
Published: 2021-08-02T10:31:55.000Z
Updated: 2024-08-03T19:28:23.805Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.