Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.10 views

PT-2026-34516

A logic error in the cut utility of uutils coreutils causes the program to incorrectly interpret the literal two-byte string '' two single quotes as an empty delimiter. The implementation mistakenly maps this string to the NUL character for both the -d delimiter and --output-delimiter options. Th...

5.5CVSS5.8AI score0.00157EPSS
Exploits1References3
OSV
OSV
added 2021/08/02 11:15 a.m.2 views

CVE-2021-24477

The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via ...

6.1CVSS5.8AI score0.00412EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/08/02 10:32 a.m.16 views

CVE-2021-24477 Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)

The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via ...

6.2AI score0.00412EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.14 views

Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)

The plugin does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via a CSRF attack. PoC Add the following...

4.3CVSS3.4AI score0.00412EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/06/28 12:0 a.m.113 views

Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)

The plugin does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via a CSRF attack. Add the following paylo...

4.3CVSS0.1AI score0.00412EPSS
Exploits2
Rows per page
Query Builder