WordPress Multisite Content Copy/Update plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Multisite Content Copier/Updater plugin...

CVE-2022-0503

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard...

CVE-2022-0503

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard...

Cross site scripting

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard...

CVE-2022-0503 Multisite Content Copier/Updater < 2.1.2 - Reflected Cross-Site Scripting

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard...

CVE-2022-0503

CVE-2022-0503 affects the WordPress Multisite Content Copier/Updater plugin for WordPress, prior to version 2.1.2. The vulnerability is a Reflected Cross-Site Scripting (XSS) in the network dashboard caused by insufficient sanitisation/escaping of the s parameter when echoed back in an attribute....

WordPress Multisite Content Copier/Updater plugin cross-site scripting vulnerability

WordPress is a set of blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress application plugin. A cross-site scripting vulnerability exists in versions of the WordPres...

WordPress Multisite Content Copier/Updater plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Multisite Content Copier/Updater plugin versi...

CVE-2021-25038

The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmussourceblog and wmusrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25039

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcccontenttype, wmccsourceblog and wmccrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25039

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcccontenttype, wmccsourceblog and wmccrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25038

The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmussourceblog and wmusrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

CVE-2021-24216

The All-in-One WP Migration WordPress plugin before 7.41 does not validate uploaded files' extension, which allows administrators to upload PHP files on their site, even on multisite installations...

CVE-2021-24216

The All-in-One WP Migration WordPress plugin before 7.41 does not validate uploaded files' extension, which allows administrators to upload PHP files on their site, even on multisite installations...

Cross site scripting

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcccontenttype, wmccsourceblog and wmccrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

Cross site scripting

The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmussourceblog and wmusrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25039

The CVE-2021-25039 entry concerns the WordPress Multisite Content Copier/Updater plugin (before 2.1.0). The vulnerability arises from insufficient sanitization/escaping of the parameters wmcc_content_type, wmcc_source_blog, and wmcc_record_per_page, which are echoed back in attributes, enabling r...

CVE-2021-25039 Multisite Content Copier/Updater < 2.1.0 - Reflected Cross-Site Scripting

The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcccontenttype, wmccsourceblog and wmccrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25038

CVE-2021-25038 affects the WordPress Multisite User Sync/Unsync plugin prior to 2.1.2. The vulnerability arises from failure to sanitize and escape the wmus_source_blog and wmus_record_per_page parameters before echoing them in HTML attributes, enabling a reflected cross-site scripting (XSS) cond...

CVE-2021-25038 Multisite User Sync/Unsync < 2.1.2 - Reflected Cross-Site Scripting

The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmussourceblog and wmusrecordperpage parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...