4 matches found
CVE-2021-24771
The Inspirational Quote Rotator WordPress plugin through 1.0.0 does not sanitize and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the "Quotes list" even when the unfilteredhtml capability is disallo...
CVE-2021-24771
The CVE-2021-24771 entry corresponds to the WordPress Inspirational Quote Rotator plugin (versions up to 1.0.0) with a stored XSS vulnerability. Multiple connected sources confirm that admin users can inject malicious content into quote fields, which is then output in the Quotes list due to insuf...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. nspirational Quote Rotator plugin is a WordPress open source application plugin. WordPress Inspirational Quote...
Inspirational Quote Rotator <= 1.0.0 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitize and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the "Quotes list" even when the unfilteredhtml capability is disallowed Add/edit a quote...