CVE-2021-24734

The Compact WP Audio Player WordPress plugin before 1.9.7 does not escape some of its shortcodes attributes, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

CVE-2021-24416

The StreamCast – Radio Player for WordPress plugin before 2.1.1 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode...

CVE-2021-24415

The Polo Video Gallery – Best wordpress video gallery plugin WordPress plugin through 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the...

CVE-2021-24412

The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious...

Cross site scripting

The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious...

Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting

The plugin adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom fields. - Create a page A - Add a custom field containing JS in...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

Insert Pages < 3.7.0 - Contributor+ Arbitrary Posts/Pages Access

The plugin allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status ie private, using a shortcode. Password protected posts/pages are not affected by such issue. PoC insert page='pageslug' display='all' Where...

Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting

The plugin adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom fields. PoC - Create a page A - Add a custom field containing JS...

WordPress 插件跨站脚本漏洞

WordPress plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress PDF Flipbook, 3D Flipbook, DearFlip plugin versions prior to 1.7.10, which stems from not bypassing the class attribute of its shortcode before outputting back to the attribut...

Booking.com Banner Creator < 1.4.3 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize inputs when creating banners, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed Open the plugin's add new banner page B.com Banner - Add New Banner The form field named "Banner...

Booking.com Product Helper < 1.0.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape Product Code when creating Product Shortcode, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed When creating a "New product shortcode" you can inject XSS payloads like --! i...

CVE-2021-24678

The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossarytooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

CVE-2021-24465

The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode available for users as low as Contributor before using it in an SQL statement, leading to an authenticated SQL Injection issue. The injection also allows the returned...

MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting

The plugin does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks 1 Add playlist with "Optional Call to Action"'s "Label" set to: " style="animation-name:twentytwentyone-close-button-transition"...

Logo Slider and Showcase < 1.3.37 - Editor Plugin's Settings Update

The plugin allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of a capability check. - As Editor, go to Logo Showcase - Shortcode Generator - Run...

CVE-2021-24670

The CoolClock WordPress plugin before 4.3.5 does not escape some shortcode attributes, allowing users with a role as low as Contributor toperform Stored Cross-Site Scripting attacks...

Cross site scripting

The CoolClock WordPress plugin before 4.3.5 does not escape some shortcode attributes, allowing users with a role as low as Contributor toperform Stored Cross-Site Scripting attacks...

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin PostX, which stems from versions of the PostX Gutenberg Blocks for Post Grid WordPress plugin prior to 2.4.10 that enable the Saved Templates Addon, which allow...

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin CoolClock suffers from a cross-site scripting vulnerability that stems from the fact that versions of the CoolClock WordPress plugin prior to 4.3.5 do not get rid of a number of short-code attributes that...