11 matches found
WordPress Bulk Creator plugin cross-site scripting vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Bulk Creator plugin 1.0.1 and earlier versions have a cross-site scripting vulnerability that stems from a failure to clean...
CVE-2022-0647
The Bulk Creator WordPress plugin through 1.0.1 does not sanitize and escape the posttype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0647
The Bulk Creator WordPress plugin through 1.0.1 does not sanitize and escape the posttype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0647 Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting
The Bulk Creator WordPress plugin through 1.0.1 does not sanitize and escape the posttype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0647
CVE-2022-0647 concerns the WordPress plugin Bulk Creator (versions up to 1.0.1). The vulnerability is a straightforward Reflected Cross-Site Scripting caused by the plugin failing to sanitize and escape the post_type parameter before echoing it back on an admin page. The root cause, as described ...
WordPress plugin Bulk Creator 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Bulk Creator plugin 1.0.1 and earlier versions have a cross-site scripting vulnerability that stems from a failure to clean...
Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting
The plugin does not sanitize and escape the posttype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. PoC https://example.com/wp-admin/admin.php?page=bulk-creatortype="...
WordPress Bulk Creator plugin <= 1.0.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by Ran Crane in WordPress Bulk Creator plugin versions = 1.0.1. Solution Deactivate and delete. This plugin has been closed as of February 16, 2022 and is not available for download. This closure is temporary, pending a full review...
Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting
The plugin does not sanitize and escape the posttype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. https://example.com/wp-admin/admin.php?page=bulk-creator&posttype="...
WordPress Bulk Edit Easy Digital Downloads – Fast Bulk Creator plugin < 1.0.49 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Bulk Edit Easy Digital Downloads – Fast Bulk Creator plugin versions 1.0.49. Solution Update the WordPress Bulk Edit Easy Digital Downloads – Fast Bulk Creator plugin to the latest available version at least 1.0.49...
WordPress Bulk Edit Easy Digital Downloads – Fast Bulk Creator plugin < 1.0.49 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Bulk Edit Easy Digital Downloads – Fast Bulk Creator plugin versions 1.0.49. Solution Update the WordPress Bulk Edit Easy Digital Downloads – Fast Bulk Creator plugin to the latest available version at...