5 matches found
CVE-2021-47910
AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon title' field. Attackers can store XSS payloads like image tags with onerror event handlers that execut...
CVE-2021-47910 WordPress Plugin AccessPress Social Icons 1.8.2 Stored XSS
AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon title' field. Attackers can store XSS payloads like image tags with onerror event handlers that execut...
CVE-2021-47910
CVE-2021-47910 affects the WordPress plugin AccessPress Social Icons version 1.8.2. The vulnerability is a stored cross-site scripting (XSS) flaw in the plugin’s UI, where authenticated attackers can inject JavaScript payloads into the ‘icon title’ field. When the plugin page is viewed, stored pa...
CVE-2021-47910
AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon title' field. Attackers can store XSS payloads like image tags with onerror event handlers that execut...
PT-2026-39497
AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon title' field. Attackers can store XSS payloads like image tags with onerror event handlers that execut...