86 matches found
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...
Email Encoder < 2.1.2 - Reflected Cross Site Scripting
The plugin has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data. PoC The vulnerable function is nonce protected, the nonce can be found in the site's HTML source by searching for the javascript variable...
Email Encoder < 2.1.2 - Reflected Cross Site Scripting
The plugin has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data. The vulnerable function is nonce protected, the nonce can be found in the site's HTML source by searching for the javascript variable...
WordPress Email Encoder Bundle 1.4.3 Cross Site Scripting
================================================================================ WordPress Email Encoder Bundle 1.4.3 - Stored Cross Site Scripting ================================================================================ Author: Ehsan Hosseini Vendor Homepage:...
Email Encoder Bundle <= 1.4.1 - Unauthenticated Cross-Site Scripting (XSS)
The Email Encoder – Protect Email Addresses WordPress plugin was affected by an Unauthenticated Cross-Site Scripting XSS security vulnerability...
WordPress Email Encoder Bundle Plugin <= 1.4.1 - Cross Site Scripting
Because of this vulnerability, unauthenticated users can inject HTML or JS code. Solution Update the plugin...