9 matches found
WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting
WordPress Mediumish theme 1.0.47 and prior contains an unauthenticated reflected cross-site scripting vulnerability. The 's' GET parameter is not properly sanitized by the search feature before it is output back on the page. id: CVE-2021-24316 info: name: WordPress Mediumish Theme =1.0.47 -...
CVE-2021-24316
The search feature of the Mediumish WordPress theme through 1.0.47 does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue...
CVE-2021-24316
The search feature of the Mediumish WordPress theme through 1.0.47 does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue...
CVE-2021-24316
The search feature of the Mediumish WordPress theme through 1.0.47 does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue...
Cross site scripting
The search feature of the Mediumish WordPress theme through 1.0.47 does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue...
CVE-2021-24316 Mediumish <= 1.0.47 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The search feature of the Mediumish WordPress theme through 1.0.47 does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue...
Mediumish <= 1.0.47 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The search feature of the theme does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue. The vendor has been unresponsive to any form of contact https://example.com/?posttype=post&s=%22%3E%3Cscript%3Ealert/XSS/%3C/script%3E...
Mediumish <= 1.0.47 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The search feature of the theme does not properly sanitise it's 's' GET parameter before output it back the page, leading to the Cross-SIte Scripting issue. The vendor has been unresponsive to any form of contact PoC https://example.com/?posttype=post=%22%3E%3Cscript%3Ealert/XSS/%3C/script%3E...
WordPress Mediumish premium theme <= 1.0.47 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by m0ze in WordPress Mediumish premium theme versions = 1.0.47. Solution No information about the patched version available...