Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | CVE-2021-25075 | 27 Apr 202309:58 | – | circl |
 | WordPress plugin Duplicate Page or Post 安全漏洞 | 21 Feb 202200:00 | – | cnnvd |
 | WordPress Plugin Duplicate Page or Post Cross-Site Scripting Vulnerability | 23 Feb 202200:00 | – | cnvd |
 | CVE-2021-25075 Duplicate Page or Post < 1.5.1 - Arbitrary Settings Update to Stored XSS | 21 Feb 202210:45 | – | cvelist |
 | EUVD-2021-11987 | 7 Oct 202500:30 | – | euvd |
 | Wpgarlic - A Proof-Of-Concept WordPress Plugin Fuzzer | 25 Apr 202221:30 | – | kitploit |
 | WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting | 8 Jun 202604:09 | – | nuclei |
 | CVE-2021-25075 | 21 Feb 202211:15 | – | nvd |
 | WordPress Duplicate Page or Post plugin <= 1.5.0 - Arbitrary Settings Update leading to Stored Cross-Site Scripting (XSS) vulnerability | 24 Jan 202200:00 | – | patchstack |
 | Cross site scripting | 21 Feb 202211:15 | – | prion |
10
Node
[
{
"product": "Duplicate Page or Post",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.5.1",
"status": "affected",
"version": "1.5.1",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | request body | /wp-admin/admin-ajax.php | Flawed CSRF/authorization in AJAX action wpdevart_duplicate_post_parametrs_save_in_db permits any authenticated user to modify plugin settings and inject stored XSS via title_prefix. | CWE-862 |
| title_prefix | request body | /wp-admin/admin-ajax.php | Flawed CSRF/authorization in AJAX action wpdevart_duplicate_post_parametrs_save_in_db permits any authenticated user to modify plugin settings and inject stored XSS via title_prefix. | CWE-862 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Nov 2024 05:54Current
3.5Low risk
Vulners AI Score3.5
CVSS 3.13.5
CVSS 23.5
EPSS0.12492