Lucene search
+L

5 matches found

0day.today
0day.today
added 2022/05/12 12:0 a.m.222 views

WordPress Blue Admin 21.06.01 Plugin - Cross-Site Request Forgery Vulnerability

Exploit Title: WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery CSRF Exploit Author : WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery CSRF Vendor Homepage : https://wpscan.com/plugin/blue-admi Version : alert/XSS/' /...

8.8CVSS0.5AI score0.04087EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.239 views

WordPress Blue Admin 21.06.01 Cross Site Request Forgery

Exploit Title: WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery CSRF Date: 2021-07-27 Exploit Author : Abisheik M Vendor Homepage : https://wpscan.com/plugin/blue-admi Version : alert/XSS/' /...

8.8CVSS0.1AI score0.04087EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.236 views

WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery (CSRF)

Exploit Title: WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery CSRF Date: 2021-07-27 Exploit Author : WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery CSRF Vendor Homepage : https://wpscan.com/plugin/blue-admi Version : alert/XSS/' /...

8.8CVSS8.8AI score0.04087EPSS
Exploits5
CVE
CVE
added 2021/08/30 2:11 p.m.82 views

CVE-2021-24581

CVE-2021-24581 concerns the WordPress plugin Blue Admin (

8.8CVSS8AI score0.04087EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2021/08/30 2:11 p.m.26 views

CVE-2021-24581 Blue Admin <= 21.06.01 - CSRF to Stored Cross-Site Scripting (XSS)

The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its settings, allowing the issue to be exploited...

8.1AI score0.04087EPSS
Exploits5References1
Rows per page
Query Builder