11 matches found
EUVD-2021-11460
Malware in sbrugna...
CVE-2021-24548
The Mimetic Books WordPress plugin through 0.2.13 was vulnerable to Authenticated Stored Cross-Site Scripting XSS in the "Default Publisher ID" field on the plugin's settings page...
Cross site scripting
The Mimetic Books WordPress plugin through 0.2.13 was vulnerable to Authenticated Stored Cross-Site Scripting XSS in the "Default Publisher ID" field on the plugin's settings page...
CVE-2021-24548 Mimetic Books <= 0.2.13 - Authenticated Stored Cross-Site Scripting (XSS)
The Mimetic Books WordPress plugin through 0.2.13 was vulnerable to Authenticated Stored Cross-Site Scripting XSS in the "Default Publisher ID" field on the plugin's settings page...
CVE-2021-24548
CVE-2021-24548 affects the Mimetic Books WordPress plugin up to version 0.2.13. It is an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in the Default Publisher ID field of the plugin’s settings page. The stored payload can be injected by an authenticated user and, when triggered, ...
WordPress Mimetic Books 0.2.13 Cross Site Scripting
Exploit Title: WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting XSS Date: 18/07/2021 Exploit Author: Vikas Srivastava Vendor Homepage: Software Link: https://wordpress.org/plugins/mimetic-books/ Version: 0.2.13 Category: Web Application Tested on Ma...
Mimetic Books <= 0.2.13 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin was vulnerable to Authenticated Stored Cross-Site Scripting XSS in the "Default Publisher ID" field on the plugin's settings page. PoC 1. Install WordPress 5.7.2 2. Install and activate Mimetic Books 3. Navigate to Settings Mimetic Books API and enter the XSS payload into the Default...
Mimetic Books <= 0.2.13 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin was vulnerable to Authenticated Stored Cross-Site Scripting XSS in the "Default Publisher ID" field on the plugin's settings page. 1. Install WordPress 5.7.2 2. Install and activate Mimetic Books 3. Navigate to Settings Mimetic Books API and enter the XSS payload into the Default...
WordPress Mimetic Books 0.2.13 Plugin - (Default Publisher ID field) XSS Vulnerability
Exploit Title: WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting XSS Exploit Author: Vikas Srivastava Vendor Homepage: Software Link: https://wordpress.org/plugins/mimetic-books/ Version: 0.2.13 Category: Web Application Tested on Mac How to Reproduc...
WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting XSS Date: 18/07/2021 Exploit Author: Vikas Srivastava Vendor Homepage: Software Link: https://wordpress.org/plugins/mimetic-books/ Version: 0.2.13 Category: Web Application Tested on Ma...
WordPress Mimetic Books plugin <= 0.2.13 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Vikas Srivastava in WordPress Mimetic Books plugin versions = 0.2.13. Solution This plugin has been closed as of July 19, 2021 and is not available for download. This closure is temporary, pending a full review...