9 matches found
EUVD-2021-11389
Malware in sbrugna...
WordPress Migrate Users plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The Migrate Users plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in the...
CVE-2021-24477
The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via ...
CVE-2021-24477
The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via ...
CVE-2021-24477 Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)
The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via ...
CVE-2021-24477
The CVE-2021-24477 entry concerns the WordPress Migrate Users plugin (
WordPress 插件跨站脚本漏洞
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The Migrate Users plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in the...
Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)
The plugin does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via a CSRF attack. Add the following paylo...
Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)
The plugin does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its options, allowing the issue to be exploited via a CSRF attack. PoC Add the following...