13 matches found
CVE-2021-47957
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
EUVD-2021-34825
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957
The vulnerability affects the WordPress plugin Cookie Law Bar (version 1.2.1). It is a stored XSS in the Bar Message field (parameter clb_bar_msg) that can be exploited by an authenticated attacker to inject scripts via the plugin settings page, with the payload executing in the browsers of all s...
WordPress plugin Cookie Law Bar 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-41454
Name of the Vulnerable Software and Affected Versions Cookie Law Bar version 1.2.1 Description A stored cross-site scripting issue allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the 'Bar Message' field. These script payloads are injected through the...
Cookie Law Bar <= 1.2.1 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin does not properly sanitise its Bar Message setting, allowing high privilege users to set an XSS payload in it, which will be triggered in all frontend page of the blog. PoC As admin, go the plugin settings /wp-admin/options-general.php?page=clb and set a payload such as in the Bar...
WordPress Cookie Law Bar 1.2.1 Plugin - (clb_bar_msg) Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Cookie Law Bar 1.2.1 - 'clbbarmsg' Stored Cross-Site Scripting XSS Exploit Author: Mesut Cetin Vendor Homepage: https://www.cookielawinfo.com/wordpress-plugin/ Software Link: https://wordpress.org/plugins/cookie-law-bar/ Version: 1.2.1 Tested on: Ubuntu 16.04 LTS,...
Cookie Law Bar <= 1.2.1 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin does not properly sanitise its Bar Message setting, allowing high privilege users to set an XSS payload in it, which will be triggered in all frontend page of the blog. As admin, go the plugin settings /wp-admin/options-general.php?page=clb and set a payload such as alert/XSS/ in the B...
WordPress Cookie Law Bar 1.2.1 Cross Site Scripting
Exploit Title: WordPress Plugin Cookie Law Bar 1.2.1 - 'clbbarmsg' Stored Cross-Site Scripting XSS Date: 2021-05-24 Exploit Author: Mesut Cetin Vendor Homepage: https://www.cookielawinfo.com/wordpress-plugin/ Software Link: https://wordpress.org/plugins/cookie-law-bar/ Version: 1.2.1 Tested on:...
WordPress Plugin Cookie Law Bar 1.2.1 - 'clb_bar_msg' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Cookie Law Bar 1.2.1 - 'clbbarmsg' Stored Cross-Site Scripting XSS Date: 2021-05-24 Exploit Author: Mesut Cetin Vendor Homepage: https://www.cookielawinfo.com/wordpress-plugin/ Software Link: https://wordpress.org/plugins/cookie-law-bar/ Version: 1.2.1 Tested on:...