9 matches found
CVE-2021-47975
WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the fieldtitle parameter. Attackers can submit POST requests to the jslmfieldordering page with XSS payloads in the fieldtitle field to execute...
CVE-2021-47975
WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the fieldtitle parameter. Attackers can submit POST requests to the jslmfieldordering page with XSS payloads in the fieldtitle field to execute...
CVE-2021-47975
Vulnerability summary (CVE-2021-47975) : The WordPress plugin WP Learn Manager 1.1.2 contains a stored cross-site scripting (XSS) flaw in the fieldtitle parameter. An unauthenticated attacker can submit POST requests to the jslm_fieldordering page with XSS payloads in fieldtitle, enabling arbitra...
EUVD-2021-34830
WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the fieldtitle parameter. Attackers can submit POST requests to the jslmfieldordering page with XSS payloads in the fieldtitle field to execute...
WordPress plugin WP Learn Manager 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress WP Learn Manager plugin <= 1.1.4 - Unauthenticated Arbitrary User Field Edition/Creation vulnerability
Unauthenticated Arbitrary User Field Edition/Creation vulnerability discovered in WordPress WP Learn Manager plugin versions = 1.1.4. Solution Update the WordPress WP Learn Manager plugin to the latest available version at least 1.1.5. Version 1.1.5 added CSRF, but still no capability check...
WordPress WP Learn Manager 1.1.2 Cross Site Scripting
Exploit Title: WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting XSS Date: July 2, 2021 Exploit Author: Mohammed Adam Vendor Homepage: https://wplearnmanager.com/ Software Link: https://wordpress.org/plugins/learn-manager/ Version: 1.1.2 References link:...
WordPress WP Learn Manager 1.1.2 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting XSS Exploit Author: Mohammed Adam Vendor Homepage: https://wplearnmanager.com/ Software Link: https://wordpress.org/plugins/learn-manager/ Version: 1.1.2 References link:...
WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting XSS Date: July 2, 2021 Exploit Author: Mohammed Adam Vendor Homepage: https://wplearnmanager.com/ Software Link: https://wordpress.org/plugins/learn-manager/ Version: 1.1.2 References link:...