CVE-2022-3392 WP Humans.txt <= 1.0.6 - Admin+ Stored Cross-Site Scripting

The WP Humans.txt WordPress plugin through 1.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin WP Humans.txt 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2022-21909 · WordPress · Wp Humans.Txt

Name of the Vulnerable Software and Affected Versions: WP Humans.txt WordPress plugin versions 1.0.0 through 1.0.6 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is...

CVE-2022-3392

CVE-2022-3392 affects WP Humans.txt WordPress plugin up to version 1.0.6. The root cause is failure to sanitize/escape certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (including multisite). Several sources and a...

WordPress WP Humans.txt plugin <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Rahul Selvakumar in WordPress WP Humans.txt plugin versions = 1.0.6. Solution Deactivate and delete. This plugin has been closed as of October 3, 2022 and is not available for download. This closure is temporary, pending a...

WP Humans.txt <= 1.0.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in the Humans.txt texare...

Humans.txt File Detected

A Humans.txt file has been detected on the target. Humans.txt is a file that contains information about the different people who have contributed to building the website. No source data...