6 matches found
EUVD-2021-11446
Malware in sbrugna...
CVE-2021-24534
The PhoneTrack Meu Site Manager WordPress plugin through 0.1 does not sanitise or escape its "phpid" setting before outputting it back in an attribute in the page, leading to a stored Cross-Site Scripting issue...
CVE-2021-24534
The PhoneTrack Meu Site Manager WordPress plugin through 0.1 does not sanitise or escape its "phpid" setting before outputting it back in an attribute in the page, leading to a stored Cross-Site Scripting issue...
CVE-2021-24534 PhoneTrack Meu Site Manager <= 0.1 - Authenticated Stored XSS
The PhoneTrack Meu Site Manager WordPress plugin through 0.1 does not sanitise or escape its "phpid" setting before outputting it back in an attribute in the page, leading to a stored Cross-Site Scripting issue...
PhoneTrack Meu Site Manager <= 0.1 - Authenticated Stored XSS
The plugin does not sanitise or escape its "phpid" setting before outputting it back in an attribute in the page, leading to a stored Cross-Site Scripting issue. PoC Put the following payload in the "phpid" field in the plugin's settings /wp-admin/options-general.php?page=phtmanager: "...
PhoneTrack Meu Site Manager <= 0.1 - Authenticated Stored XSS
The plugin does not sanitise or escape its "phpid" setting before outputting it back in an attribute in the page, leading to a stored Cross-Site Scripting issue. Put the following payload in the "phpid" field in the plugin's settings /wp-admin/options-general.php?page=phtmanager: "alert/XSS/...