Lucene search
+L

4 matches found

CNVD
CNVD
added 2022/03/16 12:0 a.m.20 views

WordPress SEO 301 Meta plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. WordPress plugin is a WordPress application plugin. WordPress SEO 301 Meta plugin 1.9.1 and earlier versions are vulnerable to a cross-site scripting vulnerability that stems from the plugin's...

4.8CVSS1.5AI score0.00588EPSS
Exploits2References1
Prion
Prion
added 2022/03/14 3:15 p.m.13 views

Cross site scripting

The SEO 301 Meta WordPress plugin through 1.9.1 does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

3.5CVSS4.8AI score0.00588EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/03/14 12:0 a.m.3 views

WordPress plugin 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. WordPress plugin is a WordPress application plugin. WordPress SEO 301 Meta plugin 1.9.1 and earlier versions are vulnerable to a cross-site scripting vulnerability that stems from the plugin's...

4.8CVSS5.3AI score0.00588EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2022/02/21 12:0 a.m.14 views

SEO 301 Meta <= 1.9.1 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the Request or Destination settings of the plugin: "...

4.8CVSS3.3AI score0.00588EPSS
Exploits2Affected Software1
Rows per page
Query Builder