PT-2024-15989 · WordPress · Wp-Strava

Name of the Vulnerable Software and Affected Versions: WP-Strava plugin for WordPress versions up to, and including, 2.12.1 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows authenticated...

strava.com XSS vulnerability

Vulnerable URL: http://www.strava.com/local/nl/amsterdam/cycling/routes?'alert'XSSPOSED'...