52 matches found
WordPress plugin Postie 安全漏洞
WordPress Postie Plugin is a plugin that is mainly used for publishing posts via email. WordPress Postie Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker...
PT-2025-39812
Name of the Vulnerable Software and Affected Versions Postie WordPress plugin versions prior to 1.9.71 Description The software does not properly sanitize and escape certain settings, potentially allowing users with high privileges, such as administrators, to carry out Stored Cross-Site Scripting...
CVE-2019-20204
The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...
WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting
WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software...
WordPress Postie 1.9.40 Plugin - Persistent Cross-Site Scripting Exploit
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link:...
WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting
Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...
WordPress Postie 1.9.40 Cross Site Scripting
Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...
WordPress Postie plugin <= 1.9.40 - Stored Cross-Site Scripting (XSS) and post submission spoofing vulnerabilities
Stored Cross-Site Scripting XSS and post submission spoofing vulnerabilities found by V1n1v131r4 in WordPress Postie plugin versions = 1.9.40. Solution 06.01.2020 - we were unable to find a patched version of this plugin...
WordPress Postie plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Postie is one of the plugins used to support posting using email. A cross-site scripting vulnerability in the WordPress Postie plugin c...
CVE-2019-20204
The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...
CVE-2019-20204
The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...
CVE-2019-20203
The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...
CVE-2019-20203
The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...
Design/Logic Flaw
The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...
Code injection
The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...
Postie <= 1.9.40 - Post Submission Spoofing & Stored XSS
"The Postie plugin for WordPress only allows posting of articles submitted by authorized users through a mailing list registered in the plugin settings. However through the email sender's spoofing technique, it was possible to bypass the plugin settings and publish a post as having been sent by a...
WordPress Postie Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Postie is one of the plugins used to support posting using email. A cross-site scripting vulnerability exists in WordPress Postie versi...
CVE-2019-20204
The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...
CVE-2019-20204
The CVE-2019-20204 entry concerns the WordPress Postie plugin, version 1.9.40. A cross-site scripting (XSS) vulnerability exists in this plugin that can be triggered by a crafted payload starting with jaVasCript:/* and an embedded SVG element, enabling execution of client‑side scripts in the cont...
CVE-2019-20203
The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...