4 matches found
CVE-2021-24367
The WP Config File Editor WordPress plugin through 1.7.1 was affected by an Authenticated Stored Cross-Site Scripting XSS vulnerability...
CVE-2021-24367
CVE-2021-24367 affects the WordPress plugin WP Config File Editor up to version 1.7.1, which contains an Authenticated Stored Cross-Site Scripting (XSS) flaw. The vulnerability arises within the plugin’s admin-facing functionality; exploitation requires authentication (typically an admin). A PoC ...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WP Config File Editor WordPress plugin 1.7.1 and earlier versions...
WP Config File Editor <= 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS)
The WP Config File Editor WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting XSS vulnerability. By default, only administrator users could access the affected functionality, limiting the exploitability of the vulnerability. However, some WordPress admins may allow lesse...