4 matches found
WordPress Qards - Cross-Site Scripting
WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php. id: CVE-2017-18598 info: name: WordPress Qards - Cross-Site Scripting author: pussycat0x severity: medium description: WordPress Qards...
CVE-2017-18598
The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php...
CVE-2017-18598
CVE-2017-18598 : WordPress Qards plugin (through 2017-10-11) contains a cross-site scripting vulnerability in html2canvasproxy.php where a remote document is specified via the URL parameter. Exploitation could allow an attacker to inject scripts into pages viewed by users, potentially stealing da...
Qards - Server Side Request Forgery (SSRF)
Google Dork: inurl:"plugins/qards" Qards provides you easy option to drag and edit every part and element of your site in the front-end, you will never have to write any code to change the layout or to change any part of the site like the traditional WordPress way. The vulnerable script...