8 matches found
CVE-2021-24785
The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24785
The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24785
The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24785 Great Quotes <= 1.0.0 - Admin+ Stored Cross-Site Scripting
The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24785
CVE-2021-24785 affects the WordPress plugin Great Quotes (versions ≤ 1.0.0). The vulnerability is a stored Cross-Site Scripting (XSS) in the Quote and Author fields, arising from failure to sanitize/escape input. Public references describe that high-privilege users could perform XSS even with unf...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin The Great Quotes 1.0.0 and...
Great Quotes <= 1.0.0 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed. Add/edit a Quote and put the following payload in the "Quote" and "Author" fields:...
WordPress Great Quotes plugin <= 1.0.0 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Vishal Mohan in WordPress Great Quotes plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of September 24, 2021 and is not available for download. This closure is temporary, pending a full review...