Lucene search
+L

5 matches found

osv
osv
added 2022/04/25 4:16 p.m.3 views

CVE-2022-1156

The Books & Papers WordPress plugin through 0.20210223 does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00588EPSS
Exploits2References1
prion
prion
added 2022/04/25 4:16 p.m.11 views

Cross site scripting

The Books & Papers WordPress plugin through 0.20210223 does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

3.5CVSS4.8AI score0.00588EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2022/04/25 3:51 p.m.21 views

CVE-2022-1156 Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting

The Books & Papers WordPress plugin through 0.20210223 does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.00588EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/03/29 12:0 a.m.90 views

Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed Put the following payload in the Custom DB Prefix settings of the plugin: BooksnPapers" style=animation-name:rotati...

4.8CVSS0.7AI score0.00588EPSS
Exploits2
wpvulndb
wpvulndb
added 2022/03/29 12:0 a.m.23 views

Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the Custom DB Prefix settings of the plugin: BooksnPapers"...

4.8CVSS2.4AI score0.00588EPSS
Exploits2Affected Software1
Rows per page
Query Builder