7 matches found
WordPress WordPress Security plugin <= 4.2.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Niraj Mahajan in WordPress WordPress Security plugin versions = 4.2.0. Solution Update the WordPress WordPress Security plugin to the latest available version at least 4.2.1...
WordPress Limit Login Attempts plugin <= 4.0.71 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Niraj Mahajan in WordPress Limit Login Attempts plugin versions = 4.0.71. Solution Update the WordPress Limit Login Attempts plugin to the latest available version at least 4.0.72...
WordPress miniOrange's Malware Scanner plugin <= 4.5.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Niraj Mahajan in WordPress miniOrange's Malware Scanner plugin versions = 4.5.1. Solution Update the WordPress Malware Scanner plugin to the latest available version at least 4.5.2...
WordPress miniOrange's Google Authenticator plugin <= 5.5.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Niraj Mahajan in WordPress miniOrange's Google Authenticator plugin versions = 5.5.5. Solution Update the WordPress miniOrange's Google Authenticator plugin to the latest available version at least 5.5.6...
WordPress User Meta plugin <= 2.4.2 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Niraj Mahajan in WordPress User Meta plugin versions = 2.4.2. Solution Update the WordPress User Meta plugin to the latest available version at least 2.4.3...
WordPress GetPaid payments plugin 2.4.6 - HTML Injection Vulnerability
Exploit Title: WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection Exploit Author: Niraj Mahajan Software Link: https://wordpress.org/plugins/invoicing/ Version: 2.4.6 Tested on Windows Steps to Reproduce: 1. Install Wordpress 5.8 2. Install and Activate "WordPress Payments Plugin |...
WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection
Exploit Title: WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection Date: 29/08/2021 Exploit Author: Niraj Mahajan Software Link: https://wordpress.org/plugins/invoicing/ Version: 2.4.6 Tested on Windows Steps to Reproduce: 1. Install Wordpress 5.8 2. Install and Activate "WordPress...