WordPress Admin Font Editor <=1.8 - Cross-Site Scripting

WordPress Admin Font Editor 1.8 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

Wordpress admin-font-editor plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up a personal blog site. admin-font-editor is one of the backend font editing plugin. Wordpress admin-font-editor plugin version 1.8 has a...

CVE-2016-1000126

Reflected XSS in wordpress plugin admin-font-editor v1.8...

Cross site scripting

Reflected XSS in wordpress plugin admin-font-editor v1.8...

CVE-2016-1000126

Reflected XSS in wordpress plugin admin-font-editor v1.8...

CVE-2016-1000126

Reflected XSS in wordpress plugin admin-font-editor v1.8...

CVE-2016-1000126

CVE-2016-1000126 is a reflected Cross-Site Scripting vulnerability affecting the WordPress plugin Admin Font Editor (versions 1.8 and earlier). The connected nuclei template confirms the issue is a reflected XSS in the plugin, enabling an attacker to execute arbitrary JavaScript in a victim’s bro...

Admin Font Editor <= 1.8 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The admin-font-editor WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. http://www.example.com/wp-content/plugins/admin-font-editor/css.php?size="alert1;"...

Admin Font Editor <= 1.8 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The admin-font-editor WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. PoC http://www.example.com/wp-content/plugins/admin-font-editor/css.php?size=""...