5 matches found
CVE-2021-25005
The SEUR Oficial WordPress plugin before 1.7.0 does not sanitize and escape some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-25005
creationtimestamp| type| source ---|---|--- 2022-01-17 16:23:14+00:00| seen| https://t.me/cibsecurity/35664...
CVE-2021-25005
The SEUR Oficial WordPress plugin before 1.7.0 does not sanitize and escape some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-25005
The SEUR Oficial WordPress plugin before 1.7.0 does not sanitize and escape some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-25005
SEUR Oficial WordPress plugin = 1.7.0 (latest available). Some public exploit references provide a PoC payload and list vulnerable fields (e.g., various seur_…_field settings). Exploit details are present in connected documents; no in-depth exploit steps are assumed beyond what's documented.