7 matches found
WP-UserOnline 2.88.0 - Stored Cross Site Scripting (Authenticated) Vulnerability
Exploit Title: WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Authenticated Google Dork: inurl:/wp-content/plugins/wp-useronline/ Exploit Author: Onur Göğebakan Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...
WordPress WP-UserOnline 2.88.0 Cross Site Scripting
Exploit Title: Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/wp-useronline/ Date: 2022-08-24 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...
Wordpress WP-UserOnline 2.88.0 Plugin - Stored Cross Site Scripting Vulnerability
Exploit Title: Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/wp-useronline/ Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...
Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS)
Exploit Title: Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/wp-useronline/ Date: 2022-08-24 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...
CVE-2022-2941
creationtimestamp| type| source ---|---|--- 2022-09-23 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51020 2025-12-19 20:18:03+00:00| seen| https://t.me/Dooztoria/22...
CVE-2022-2941 WP-UserOnline <= 2.88.0 - Authenticated (Admin+) Stored Cross-Site Scripting
The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities in versions up to, and including 2.88.0. This is due to the fact that all fields in the "Naming Conventions" section do not properly sanitize user input, nor escape it on output. This makes it possible...
CVE-2022-2941
The WP-UserOnline WordPress plugin (versions up to 2.88.0) contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities due to improper sanitization/escaping in the Naming Conventions inputs. This flaw can be exploited by authenticated attackers with administrative privileges to inject Jav...