EUVD-2018-8918

Malware in sbrugna...

CVE-2022-4112

The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4112

The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4112

The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Cross site scripting

The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4112 Quizlord <= 2.0 - Admin+ Stored XSS

The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4112 Quizlord <= 2.0 - Admin+ Stored XSS

The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4112

The CVE-2022-4112 case concerns the Quizlord WordPress plugin (versions through 2.0). Affected component: plugin settings not sanitised/escaped, enabling Stored XSS by high-privilege users (e.g., admin) even when unfiltered_html is disallowed (multisite). Impact is described as admin-level XSS wi...

WordPress plugin Quizlord 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2022-25663 · WordPress · The Quizlord

Name of the Vulnerable Software and Affected Versions: The Quizlord WordPress plugin versions through 2.0 Description: The issue allows high privilege users, such as admin, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in...

WordPress Quizlord plugin <= 2.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Machupalli Sree Pragna in the WordPress Quizlord plugin versions = 2.0. Solution Deactivate and delete. This plugin has been closed as of November 22, 2022 and is not available for download. This closure is temporary, pending a ful...

Quizlord <= 2.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to Quizlord » Add a quiz 2. In the...

Quizlord <= 2.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Go to Quizlord » Add a quiz 2. In the input...

WordPress Quizlord Plugin Cross-Site Scripting (CVE-2018-17140)

A cross-site scripting vulnerability exists in WordPress Quizlord plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

WordPress Plugin Quizlord 2.0 XSS vulnerability reproduction and analysis-vulnerability warning-the black bar safety net

WordPress is a PHP language development blog platform, users can support PHP and MySQL database server set up your own website. You can also put WordPress as a CMS to use. WordPress often broke loopholes is it the plug-in there Security. Vulnerability reproduction First build worepress, my versio...

Cross site scripting

The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS via the title parameter in a qlinsert action to wp-admin/admin.php...

CVE-2018-17140

The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS via the title parameter in a qlinsert action to wp-admin/admin.php...

CVE-2018-17140

The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS via the title parameter in a qlinsert action to wp-admin/admin.php...

CVE-2018-17140

The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS via the title parameter in a qlinsert action to wp-admin/admin.php...

CVE-2018-17140

The CVE-2018-17140 entry affects the Quizlord WordPress plugin (version 2.0 and earlier). The vulnerability is a Stored XSS via the title parameter in a ql_insert action to wp-admin/admin.php, allowing arbitrary script injection when a user submits a crafted title. Documents corroborate this XSS ...