3 matches found
CVE-2021-24785
The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin The Great Quotes 1.0.0 and...
WordPress Great Quotes plugin <= 1.0.0 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Vishal Mohan in WordPress Great Quotes plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of September 24, 2021 and is not available for download. This closure is temporary, pending a full review...