Lucene search
+L

86 matches found

CNNVD
CNNVD
added 2021/09/06 12:0 a.m.4 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...

6.1CVSS5.9AI score0.00855EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2021/08/02 12:0 a.m.18 views

Email Encoder < 2.1.2 - Reflected Cross Site Scripting

The plugin has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data. PoC The vulnerable function is nonce protected, the nonce can be found in the site's HTML source by searching for the javascript variable...

6.1CVSS6.3AI score0.00855EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/08/02 12:0 a.m.561 views

Email Encoder < 2.1.2 - Reflected Cross Site Scripting

The plugin has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data. The vulnerable function is nonce protected, the nonce can be found in the site's HTML source by searching for the javascript variable...

6.1CVSS0.3AI score0.00855EPSS
Exploits2
Packet Storm
Packet Storm
added 2016/03/12 12:0 a.m.30 views

WordPress Email Encoder Bundle 1.4.3 Cross Site Scripting

================================================================================ WordPress Email Encoder Bundle 1.4.3 - Stored Cross Site Scripting ================================================================================ Author: Ehsan Hosseini Vendor Homepage:...

7.4AI score
Exploits0
WPVulnDB
WPVulnDB
added 2015/08/10 12:0 a.m.9 views

Email Encoder Bundle <= 1.4.1 - Unauthenticated Cross-Site Scripting (XSS)

The Email Encoder – Protect Email Addresses WordPress plugin was affected by an Unauthenticated Cross-Site Scripting XSS security vulnerability...

1.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2015/08/10 12:0 a.m.19 views

WordPress Email Encoder Bundle Plugin <= 1.4.1 - Cross Site Scripting

Because of this vulnerability, unauthenticated users can inject HTML or JS code. Solution Update the plugin...

1.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder