Lucene search
PRIOn knowledge basePRION:CVE-2015-10001HistoryNov 01, 2021 - 9:15 a.m.
Cross site scripting
2021-11-0109:15:00
PRIOn knowledge base
www.prio-n.com
5
The WP-Stats WordPress plugin before 2.52 does not have CSRF check when saving its settings, and did not escape some of them when outputting them, allowing attacker to make logged in high privilege users change them and set Cross-Site Scripting payloads
Related
cve
cve
CVE-2015-10001
2021-11-01 09:15:07
nvd
nvd
CVE-2015-10001
2021-11-01 09:15:07
cvelist
cvelist
CVE-2015-10001 WP-Stats < 2.5.2 - CSRF to Stored Cross-Site Scripting (XSS)
2021-11-01 08:45:47