CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS

The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...

CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS

The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...

WordPress plugin Advanced Schedule Posts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in WordPre...

WordPress Advanced Schedule Posts Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Schedule Posts Type Plugin Vulnerable versions = 2.1.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0249 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 858b382898f4 Credits Krzysztof...

Advanced Schedule Posts <= 2.1.8 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins. PoC...