110 matches found
PT-2021-23594 · WordPress · Wordpress Popular Posts
Name of the Vulnerable Software and Affected Versions: WordPress Popular Posts versions up to and including 5.3.2 Description: The WordPress Popular Posts plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the /src/Image.php file. This makes it...
WordPress 代码问题漏洞
WordPress is a blogging platform developed using the PHP language, which supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin Popular Posts 5.3.2 and previous versions are vulnerable to arbitrary file uploads. An attacker could exploit the vulnerability to upload...
WordPress Popular Posts Plugin < 5.3.4 XSS Vulnerability
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
WordPress plugin Popular Posts cross-site scripting vulnerability
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL.The Wordpress plugin Popular Posts 5.3.3 and previous versions have a cross-site scripting vulnerability tha...
CVE-2021-36872
Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...
Cross site scripting
Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...
CVE-2021-36872
CVE-2021-36872 affects WordPress Popular Posts plugin (versions
CVE-2021-36872 WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...
CVE-2021-36872 WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...
WordPress 跨站脚本漏洞
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL.The Wordpress plugin Popular Posts 5.3.3 and previous versions have a cross-site scripting vulnerability tha...
WordPress plugin Popular Posts remote code execution vulnerability
WordPress is a blogging platform developed based on the PHP language, which can be used to set up websites on servers supporting PHP and MySQL databases, and can also be used as a content management system CMS. WordPress plugin Popular Posts has a remote code execution vulnerability that can be...
WordPress Popular Posts Plugin Remote Code Execution
A remote code execution vulnerability exists in WordPress Popular Posts Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Popular Posts 5.3.2 Shell Upload
Exploit Title: WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution RCE Authenticated Date: 15/07/2021 Exploit Author: Simone Cristofaro Vendor Homepage: https://it.wordpress.org/plugins/wordpress-popular-posts/ Software Link:...
WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution RCE Authenticated Date: 15/07/2021 Exploit Author: Simone Cristofaro Vendor Homepage: https://it.wordpress.org/plugins/wordpress-popular-posts/ Software Link:...
WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Vlad Visse Patchstack in WordPress Popular Posts plugin versions = 5.3.3. Solution Update the WordPress Popular Posts plugin to the latest available version at least 5.3.4...
WordPress Popular Posts < 5.3.4 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape the widget-wpp2posttype parameter before outputting it in the page, which could lead to a Stored Cross-Site Scripting issue...
WordPress Popular Posts Plugin < 5.3.3 Multiple Vulnerabilities
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
WordPress Plugin "WordPress Popular Posts" vulnerable to cross-site scripting
Overview WordPress Plugin "WordPress Popular Posts" provided by Hector Cabrera contains a cross-site scripting vulnerability CWE-79. Yu Iwama of Secure Sky Technology Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
WordPress Popular Posts Cross-Site Scripting Vulnerability
WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. WordPress Popular Posts 5.3.2 and earlier versions are vulnerable to cross-site scripting. An authenticated remote attacker can use this vulnerability to inject arbitrary scripts...
CVE-2021-20746
Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...