4 matches found
CVE-2019-25743
WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script payloads in the...
CVE-2019-25743
The CVE-2019-25743 entry affects WordPress Soliloquy Lite 2.5.6 and describes a persistent cross-site scripting vulnerability. An authenticated attacker can inject scripts by sending script payloads in the post_title parameter via the post editing endpoint; these payloads are stored and executed ...
PT-2026-46213
WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script payloads in the pos...
CVE-2022-50947 WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS
WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the posttitle parameter. Attackers with editor privileges can inject JavaScript payloads through the...