8972 matches found
CVE-2021-24606
The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL statement, leading to a SQL Injection issue, which can be exploited by any user able to add shortcode to posts/pages, such as contributor+...
CVE-2021-24604
The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24604
The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
Cross site scripting
The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24525 Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS
The Shortcodes Ultimate WordPress plugin before 5.10.2 allows users with Contributor roles to perform stored XSS via shortcode attributes. Note: the plugin is inconsistent in its handling of shortcode attributes; some do escape, most don't, and there are even some attributes that are insecure by...
CVE-2021-24525
CVE-2021-24525 concerns the WordPress plugin Shortcodes Ultimate (before 5.10.2). The vulnerability allows users with the Contributor role to perform stored XSS via shortcode attributes due to inconsistent handling/escaping of attributes (some are escaped, many are not; some attributes may be ins...
Polo Video Gallery <= 1.2 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode PoC Log in as contributor and add the following shortco...
Easy Twitter Feed < 1.2 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode PoC Log in as contributor and add the following shortco...
Html5 Audio Player < 2.1.3 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode PoC Log in as contributor and add the following shortco...
WordPress 插件 SQL注入漏洞
WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin suffers from a SQL injection vulnerability that stems from the Availability Calendar plugin prior to version 1.2.1 that does not escape the category attribute from its shortcode before using it in a SQL...
Easy Twitter Feed < 1.2 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode Log in as contributor and add the following shortcode i...
Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS
The plugin allows users with any role capable of editing or adding posts to perform stored XSS. PoC Add the below payload as a shortcode block: podcastsubscribe alignment='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alertorigin//'...
Dflip Lite < 1.7.10 - Contributor+ Stored Cross-Site Scripting
Description The plugin does not escape the class attribute of its shortcode before outputting it back in an attribute, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks PoC dflip class='"...
Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS
The plugin allows users with any role capable of editing or adding posts to perform stored XSS. Add the below payload as a shortcode block: podcastsubscribe alignment='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alertorigin//'...
Meow Gallery < 4.1.9 - Contributor+ SQL Injection
The plugin does not sanitise, validate or escape the ids attribute of its gallery shortcode available for users as low as Contributor before using it in an SQL statement, leading to an authenticated SQL Injection issue. The injection also allows the returned values to be manipulated in a way that...
Meow Gallery < 4.1.9 - Contributor+ SQL Injection
The plugin does not sanitise, validate or escape the ids attribute of its gallery shortcode available for users as low as Contributor before using it in an SQL statement, leading to an authenticated SQL Injection issue. The injection also allows the returned values to be manipulated in a way that...
CVE-2021-24665
The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks...
CoolClock < 4.3.5 - Contributor+ Stored Cross-Site Scripting
The plugin does not escape some shortcode attributes, allowing users with a role as low as Contributor toperform Stored Cross-Site Scripting attacks PoC As a user with a role as low as contributor, put the following shortcode in a post/page and view/preview it to trigger the XSS which is specific...
PostX Gutenberg Blocks Saved Templates Addon < 2.4.10 - Contributor+ Stored Cross-Site Scripting
The plugin, with Saved Templates Addon enabled, allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's shortcode. PoC Create a page as any user with the following shortcode block: gutenbergpostblocks id='a"...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...