cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-24297,https://securityvulnerability.io/vulnerability/CVE-2021-24297,Goto < 2.1 - Reflected Cross-Site Scripting (XSS),"The Goto WordPress theme before 2.1 did not properly sanitize the formvalue JSON POST parameter in its tl_filter AJAX action, leading to an unauthenticated Reflected Cross-site Scripting (XSS) vulnerability.",Wordpress,Goto,6.1,MEDIUM,0.0009299999801442027,false,,false,false,false,,false,false,2021-05-24T10:58:04.000Z,0
CVE-2021-24314,https://securityvulnerability.io/vulnerability/CVE-2021-24314,Goto < 2.1 - Unauthenticated Blind SQL Injection,"The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it in a SQL statement, leading to an Unauthenticated SQL injection issue",Wordpress,Goto,9.8,CRITICAL,0.004699999932199717,false,,false,false,false,,false,false,2021-05-17T16:48:53.000Z,0
CVE-2021-24235,https://securityvulnerability.io/vulnerability/CVE-2021-24235,Goto - Tour & Travel < 2.0 - Unauthenticated Reflected XSS,"The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.",Wordpress,Goto,6.1,MEDIUM,0.0014400000218302011,false,,false,false,false,,false,false,2021-04-22T21:00:50.000Z,0