7 matches found
WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)
0x01 漏洞概述 Wordpress的插件WordPress File Upload v4.3.3及其以前版本在管理后台存在一处存储型xss漏洞。攻击者可以通过该漏洞执行js脚本,获取管理员cookie。 漏洞名称:WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting PoC 漏洞来源:https://www.exploit-db.com/exploits/44444/ CVE:CVE-2018-9844 影响组件:WordPress Plugin File Upload...
WordPress File Upload Plugin 4.3.3 - Stored Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.3 Tested on: Windo...
WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)
Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS Date: 06/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.3 Tested on: Windows 7 / Cent OS 6.5 CVE : CVE-2018-984...
WordPress File Upload 4.3.3 Cross Site Scripting
Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS Date: 06/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.3 Tested on: Windows 7 / Cent OS 6.5 CVE : CVE-2018-984...
WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)
WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting PoC Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS Date: 06/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip...
CVE-2018-9844
The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS...
CVE-2018-9844
The CVE-2018-9844 affects the Iptanus WordPress File Upload plugin for WordPress (versions up to and including 4.3.3). The root cause is mishandling of the Settings attribute, which enables stored Cross-Site Scripting (XSS) in the admin panel (notably via the Edit_Settings functionality). Impact ...