Lucene search
K

231 matches found

Packet Storm
Packet Storm
added 2021/01/06 12:0 a.m.368 views

WordPress Litespeed Cache 3.6 Cross Site Scripting

Exploit Title: WordPress Plugin litespeed-cache 3.6 - 'serverip' Cross-Site Scripting Date: 20-12-2020 Software Link: https://downloads.wordpress.org/plugin/litespeed-cache.3.6.zip Version: litespeed-cache Tested on: Windows 10 x64 Description: A Stored Cross-site scripting XSS was discovered in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.405 views

WordPress Plugin litespeed cache 3.6 - 'server_ip' Cross-Site Scripting

Exploit Title: WordPress Plugin litespeed-cache 3.6 - 'serverip' Cross-Site Scripting Date: 20-12-2020 Software Link: https://downloads.wordpress.org/plugin/litespeed-cache.3.6.zip Version: litespeed-cache Tested on: Windows 10 x64 Description: A Stored Cross-site scripting XSS was discovered in...

7.4AI score
Exploits0
OSV
OSV
added 2020/12/26 2:15 a.m.3 views

CVE-2020-29172

A cross-site scripting XSS vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting...

6.1CVSS6.3AI score0.0093EPSS
Exploits1References2
NVD
NVD
added 2020/12/26 2:15 a.m.19 views

CVE-2020-29172

A cross-site scripting XSS vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting...

6.1CVSS6.1AI score0.0093EPSS
Exploits1References2
Prion
Prion
added 2020/12/26 2:15 a.m.14 views

Cross site scripting

A cross-site scripting XSS vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting...

4.3CVSS6AI score0.0093EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/12/26 1:56 a.m.97 views

CVE-2020-29172

CVE-2020-29172 is a cross-site scripting vulnerability in the WordPress LiteSpeed Cache plugin prior to 3.6.1. The issue arises because the Toolbox Admin IPs/Server IP setting does not sanitize input, enabling injection of script payloads via the IP field. Some sources (WPVulnDB/OpenVAS explainer...

6.1CVSS6AI score0.0093EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/12/26 1:56 a.m.30 views

CVE-2020-29172

A cross-site scripting XSS vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting...

6.1AI score0.0093EPSS
Exploits1References2
wpexploit
wpexploit
added 2020/12/26 12:0 a.m.116 views

LiteSpeed Cache < 3.6.1 - Authenticated Stored Cross-Site Scripting

The plugin does not sanitise invalid IPs given in its Toolbox page before displaying them in an error message. Submit a payload such as in the Admin IPs section of the Toolbox /wp-admin/admin.php?page=litespeed-toolbox...

4.3CVSS0.3AI score0.0093EPSS
Exploits1References1
WPVulnDB
WPVulnDB
added 2020/12/26 12:0 a.m.17 views

LiteSpeed Cache < 3.6.1 - Authenticated Stored Cross-Site Scripting

The plugin does not sanitise invalid IPs given in its Toolbox page before displaying them in an error message. PoC Submit a payload such as in the Admin IPs section of the Toolbox /wp-admin/admin.php?page=litespeed-toolbox...

4.3CVSS1.2AI score0.0093EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2020/12/26 12:0 a.m.9 views

WordPress LiteSpeed Cache plugin <= 3.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by WonTae Jang in WordPress LiteSpeed Cache plugin versions = 3.6. Solution Update the WordPress LiteSpeed Cache plugin to the latest available version at least 3.6.1...

2AI score
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2020/12/25 12:0 a.m.8 views

Wordpress LiteSpeed Cache Plugin Cross-Site Scripting Vulnerability

Wordpress LiteSpeed Cache Plugin is a Wordpress Foundation plugin that provides site caching functionality for Wordpress sites. The plugin supports object caching, minimizing static files, asynchronous loading, automatic cache clearing and other features. A cross-site scripting vulnerability exis...

6.1CVSS6.1AI score0.0093EPSS
Exploits1References4
Rows per page
Query Builder