86 matches found
CVE-2021-36848
The CVE applies to WordPress plugin Social Media Feather ≤ v2.0.4, where an authenticated admin+ can trigger a stored XSS due to insufficient sanitization of settings. This could allow execution of JavaScript in a user’s browser. A fix is available in v2.0.5 and later; users should update to at l...
CVE-2021-36848 WordPress Social Media Feather plugin <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Social Media Feather WordPress plugin versions = 2.0.4...
WordPress plugin Social Media Feather跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in...
WordPress Social Media Feather plugin <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in WordPress Social Media Feather plugin versions = 2.0.4. Solution Update the WordPress Social Media Feather plugin to the latest available version at least 2.0.5...
Social Media Feather < 2.0.5 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
Feather CMS SQL Injection
Exploit Title : Feather CMS SQL Injection Vulnerability Author : Secure-Land Security Team Discovered By : farbodmahini Home : Secure-Land.net Version : All Version Vendor : www.kpsy.net Contact : [email protected] , [email protected] Security Risk : High DorK : "Powered by: Feather Inc"...