7 matches found
CVE-2019-14470
cosenary Instagram-PHP-API aka Instagram PHP API V2, as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php errordescription parameter...
CVE-2019-14470
cosenary Instagram-PHP-API aka Instagram PHP API V2, as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php errordescription parameter...
CVE-2019-14470
The CVE-2019-14470 entry affects WordPress UserPro plugin versions up to 4.9.32, which uses the cosenary Instagram-PHP-API (V2). The vulnerability is a reflected Cross-Site Scripting (XSS) via the example/success.php error_description parameter, demonstrated by the vulnerable code path that echoe...
WordPress UserPro 4.9.32 Cross Site Scripting
Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept: https://domain.tld/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&errordescription=...
WordPress UserPro 4.9.32 Plugin - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept:...
WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting
WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept:...
WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting
Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept: https://domain.tld/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&errordescription=...