CVE-2022-2341

The Simple Page Transition WordPress plugin through 1.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2341

The Simple Page Transition WordPress plugin through 1.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2341

The CVE-2022-2341 entry concerns the WordPress plugin Simple Page Transition (version ≤ 1.4.1). The underlying issue is insufficient sanitisation/escaping of certain plugin settings, which could allow Stored Cross‑Site Scripting by high-privilege users (e.g., admins) when unfiltered_html is disal...

WordPress plugin Simple Page Transition 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Simple Page Transition 1.4.1 Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin ‘Simple Page Transition’ - Stored Cross Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/simple-page-transition/ Version: 1.4.1 Tested on: Firefox Contact me: email protected Vulnerable code: " / POC: 1-...