5 matches found
Shield Security Plugin < 20.0.6 - Cross-Site Scripting
The Shield Security WordPress plugin before 20.0.6 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'navsub' parameter in the admin dashboard, allowing authenticated users to execute arbitrary JavaScript in the context of other...
CVE-2024-7313
creationtimestamp| type| source ---|---|--- 2024-08-26 08:41:28+00:00| seen| https://t.me/cvedetector/4099 2025-04-04 13:43:58+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-7313.yaml...
WordPress Shield Security Plugin < 20.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Shield Security Type Plugin Vulnerable versions 20.0.6 Fixed in 20.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7313 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID df05c396b592 Credits Krugov Artyom...
Exploit for Cross-site Scripting in Getshieldsecurity Shield_Security
Shield Security Plugin Vulnerability Exploit CVE-2024-7313...
WordPress Shield Security 20.0.5 Cross Site Scripting
Exploit Title: CVE-2024-7313 - Reflected XSS to Unauthorised Administrator Account Creation Google Dork: inurl:"/wp-content/plugins/wp-simple-firewall/" Cannot find version numbers from this DORK Date: 16/08/2024 Exploit Author: Tim Lepp Vendor Homepage: https://getshieldsecurity.com/ Software...