Lucene search
K

5 matches found

OSV
OSV
added 2021/10/15 1:15 p.m.4 views

CVE-2021-39338

The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, i...

4.8CVSS5.8AI score0.00916EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/10/15 12:15 p.m.28 views

CVE-2021-39338 MyBB Cross-Poster <= 1.0 Authenticated Stored Cross-Site Scripting

The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, i...

5.5CVSS5.4AI score0.00916EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2021/10/15 12:15 p.m.7 views

CVE-2021-39338 MyBB Cross-Poster <= 1.0 Authenticated Stored Cross-Site Scripting

The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, i...

5.5CVSS5.2AI score0.00916EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/15 12:0 a.m.4 views

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin MyBB Cross-Poster, which stems from insufficient input validation and cleanup of several parameters found in the /classes/MyBBXPSettings.php file, which allows ...

5.5CVSS5AI score0.00916EPSS
Exploits1References5
WPVulnDB
WPVulnDB
added 2021/10/14 12:0 a.m.24 views

MyBB Cross-Poster <= 1.0 - Admin+ Stored Cross-Site Scripting

The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts. This affects multi-site...

5.5CVSS4.8AI score0.00916EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder