7 matches found
CVE-2021-24901
The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24901
The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24901
The CVE-2021-24901 affects the WordPress Security Audit plugin (versions ≤ 1.0.0). Root cause: the Data Id setting is not sanitized/escaped, enabling stored XSS. Impact: stored client-side code execution; attack could occur even if unfiltered_html is disallowed. Public exploit details exist (payl...
CVE-2021-24901 Security Audit <= 1.0.0 - Admin+ Stored Cross Site Scripting
The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
WordPress Security Audit 1.0.0 Plugin - Stored Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Tested on Windows CVE...
WordPress Security Audit 1.0.0 Cross Site Scripting
Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Date: 2022-01-26 Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Test...
WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting (XSS)
Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Date: 2022-01-26 Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Test...