8 matches found
CVE-2021-39338
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, i...
Cross site scripting
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, i...
CVE-2021-39338
The CVE-2021-39338 entry documents a Stored Cross-Site Scripting in the WordPress plugin MyBB Cross-Poster (
CVE-2021-39338 MyBB Cross-Poster <= 1.0 Authenticated Stored Cross-Site Scripting
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, i...
CVE-2021-39338 MyBB Cross-Poster <= 1.0 Authenticated Stored Cross-Site Scripting
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, i...
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin MyBB Cross-Poster, which stems from insufficient input validation and cleanup of several parameters found in the /classes/MyBBXPSettings.php file, which allows ...
MyBB Cross-Poster <= 1.0 - Admin+ Stored Cross-Site Scripting
The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts. This affects multi-site...
WordPress MyBB Cross-Poster plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress MyBB Cross-Poster plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...