CVE-2022-1559

The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed...

CVE-2022-1559

The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed...

CVE-2022-1559

The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed...

CVE-2022-1559

The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed...

Cross site scripting

The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed...

CVE-2022-1559

Clipr WordPress plugin

CVE-2022-1559 Clipr <= 1.2.3 - Admin+ Stored Cross-Site Scripting

The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed...

WordPress plugin Clipr 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Cliprs plugin 1.2.3 and earlier versions have a cross-site scripting vulnerability that stems from ...

Clipr <= 1.2.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed PoC Put the following payload in the API Key settings of the plugin: 'alert/XSS/...

Clipr <= 1.2.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed Put the following payload in the API Key settings of the plugin: 'alert/XSS/ The XSS will be...

WordPress Clipr plugin <= 1.2.3 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Hassan Khan Yusufzai Splint3r7 in WordPress Clipr plugin versions = 1.2.3. Solution No patched version is available...

WordPress Clipr 1.2.3 Cross Site Scripting

Exploit Title: WordPress plugin clipr version 1.2.3 - Authenticated Date: 29-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/clipr/ Version: 1.2.3 Tested on: Firefox Contact me: h at spidersilk.com POC - Install Plugin...