WordPress Interactive Medical Drawing of Human Body plugin <= 2.6 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Interactive Medical Drawing of Human Body versions = 2.6...

WordPress Interactive Medical Drawing of Human Body plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Interactive Medical Drawing of Human Body plugin version 2.6 previously had a cross-site scripting vulnerability The...

CVE-2022-0388

The Interactive Medical Drawing of Human Body WordPress plugin before 2.6 does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

Cross site scripting

The Interactive Medical Drawing of Human Body WordPress plugin before 2.6 does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0388 Interactive Medical Drawing of Human Body < 2.6 - Admin+ Stored XSS

The Interactive Medical Drawing of Human Body WordPress plugin before 2.6 does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0388

CVE-2022-0388 concerns the WordPress plugin Interactive Medical Drawing of Human Body (version

WordPress plugin Interactive Medical Drawing of Human Body 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Interactive Medical Drawing of Human Body plugin version 2.6 previously had a cross-site scripting vulnerability The...

PT-2022-13147 · WordPress · Interactive Medical Drawing Of Human Body

Name of the Vulnerable Software and Affected Versions: Interactive Medical Drawing of Human Body WordPress plugin versions prior to 2.6 Description: The issue allows high privilege users to perform Cross-Site Scripting attacks due to the lack of sanitization and escaping of the Link field, even...

Interactive Medical Drawing of Human Body < 2.6 - Admin+ Stored XSS

The plugin does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Put the following payload in the Link settings of a body party and save the change: "alert/XSS-link/...

Interactive Medical Drawing of Human Body < 2.6 - Admin+ Stored XSS

The plugin does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Put the following payload in the Link settings of a body party and save the change: "alert/XSS-link/...

WordPress Interactive Medical Drawing of Human Body plugin <= 1.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Rubina Shaikh in WordPress Interactive Medical Drawing of Human Body plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of February 17, 2022 and is not available for download. This closure is temporary,...