CVE-2020-36704

The Fruitful Theme for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters stored via the fruitfulthemeoptionsaction AJAX action in versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2020-36704

The Fruitful Theme for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters stored via the fruitfulthemeoptionsaction AJAX action in versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2020-36704

CVE-2020-36704 (WordPress Fruitful Theme) is a stored XSS vulnerability affecting versions up to and including 3.8.1. The issue arises from insufficient input sanitization and output escaping in parameters stored via the fruitful_theme_options_action AJAX action. Exploitation requires authenticat...

WordPress Theme Fruitful 跨站脚本漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in WordPress Theme Fruitful version 3.8.1 and prior...

WordPress Fruitful theme <= 3.8.1 - Authenticated Theme Options Deletion vulnerability

Authenticated Theme Options Deletion vulnerability discovered by NinTechNet in WordPress Fruitful theme versions = 3.8.1. Solution Update the WordPress Fruitful theme to the latest available version at least 3.8.2...

WordPress Fruitful theme <= 3.8.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by NinTechNet in WordPress Fruitful theme versions = 3.8.1. Solution Update the WordPress Fruitful theme to the latest available version at least 3.8.2...

WordPress Theme Fruitful Cross-Site Scripting Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A cross-site scripting vulnerability exists in WordPress Theme Fruitful, which can be...

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Category : Webapps Software Link:...

Fruitful Theme < 3.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The Fruitful WordPress theme, version 3.8 and possibly below, was affected by an unauthenticated Reflected Cross-Site Scripting XSS vulnerability. The vulnerability was patched in version 3.8.1 of the Theme, although the changelog file only mentions: "Bug fix: Fixed issues on comment form" Add a...

WordPress Fruitful theme <= 3.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Behzad Khalifeh and Milad Ranjbar in WordPress Fruitful theme versions = 3.8. Solution Update the WordPress Fruitful theme to the latest available version at least 3.8.1...