Lucene search
+L

6 matches found

Nuclei
Nuclei
added 9 hours ago55 views

WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting

The Easy Social Icons plugin = 3.0.8 for WordPress echoes out the raw value of $SERVER'PHPSELF' in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path...

6.1CVSS5.9AI score0.0236EPSS
Exploits2References5
Wordfence Blog
Wordfence Blog
added 2021/09/29 2:34 p.m.33 views

PHP_SELFish Part 2 – Reflected XSS in Easy Social Icons

Today’s post is part two of a two part blog post. It describes a cross site scripting vulnerability in the Easy Social Icons plugin that exploits the PHPSELF variable. In yesterday’s post, we described another plugin, underConstruction, suffering from a similar vulnerability related to the use of...

4.3CVSS6.7AI score0.0236EPSS
Exploits2
Circl
Circl
added 2021/09/02 8:36 p.m.20 views

CVE-2021-39322

creationtimestamp| type| source ---|---|--- 2021-09-02 20:36:31+00:00| seen| https://t.me/cibsecurity/28226 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-39322.yaml...

6.1CVSS6AI score0.0236EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2021/09/02 4:42 p.m.4 views

CVE-2021-39322 Easy Social Icons <= 3.0.8 - Reflected Cross-Site Scripting

The Easy Social Icons plugin = 3.0.8 for WordPress echoes out the raw value of $SERVER'PHPSELF' in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected Cross-Site Scripting attack by injecting malicious code in the request path...

6.1CVSS6.1AI score0.0236EPSS
Exploits2References2
CVE
CVE
added 2021/09/02 4:42 p.m.89 views

CVE-2021-39322

The CVE-2021-39322 entry relates to the WordPress Easy Social Icons plugin (versions

6.1CVSS6AI score0.0236EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2021/09/02 4:42 p.m.44 views

CVE-2021-39322 Easy Social Icons <= 3.0.8 - Reflected Cross-Site Scripting

The Easy Social Icons plugin = 3.0.8 for WordPress echoes out the raw value of $SERVER'PHPSELF' in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected Cross-Site Scripting attack by injecting malicious code in the request path...

6.1CVSS6.2AI score0.0236EPSS
Exploits2References2
Rows per page
Query Builder