8 matches found
CVE-2019-25744 WordPress Popup Builder 3.49 Persistent Cross-Site Scripting
WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the posttitle parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads...
CVE-2022-36527
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module...
CVE-2022-27348
Social Codia SMS v1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...
CVE-2022-27348
Social Codia SMS v1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...
CVE-2022-27062
AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...
AeroCMS 跨站脚本漏洞
AeroCMS is a content management system from AeroCMS, Inc. A cross-site scripting vulnerability exists in AeroCMS v0.0.1, which can be exploited by attackers to execute arbitrary Web script or HTML by injecting a specially crafted payload into the post title text field...
Social Codia SMS 跨站脚本漏洞
Social Codia SMS is an inventory management system from Social Codia India. v1.0 of Social Codia SMS is vulnerable to a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary Web script or HTML by injecting a specially crafted payload into the post title text...
WordPress Social Hashtags Plugin <= 2.0.0 - Cross Site Scripting
This plugin is prone to a cross site scripting vulnerability in new post title field. Solution Update the plugin...