4 matches found
WordPress SEO 301 Meta plugin cross-site scripting vulnerability
WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. WordPress plugin is a WordPress application plugin. WordPress SEO 301 Meta plugin 1.9.1 and earlier versions are vulnerable to a cross-site scripting vulnerability that stems from the plugin's...
Cross site scripting
The SEO 301 Meta WordPress plugin through 1.9.1 does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
WordPress plugin 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. WordPress plugin is a WordPress application plugin. WordPress SEO 301 Meta plugin 1.9.1 and earlier versions are vulnerable to a cross-site scripting vulnerability that stems from the plugin's...
SEO 301 Meta <= 1.9.1 - Admin+ Stored Cross-Site Scripting
The plugin does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the Request or Destination settings of the plugin: "...