Cross site scripting

Cross-site scripting XSS vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file...

CVE-2008-0837

Cross-site scripting XSS vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file...

CVE-2008-0837

CVE-2008-0837 is a cross-site scripting (XSS) vulnerability in the log feature of the WordPress plugin “Search Unleashed” (v0.2.10) by John Godley. The issue arises from improper handling of the s parameter, enabling an attacker to inject arbitrary script/HTML when an administrator views the log ...

WordPress Search Unleashed Plugin <= 0.2.10 - XSS

Because of this vulnerability in the log feature, the attackers can inject arbitrary web script or HTML via the "s" parameter. Solution Update the plugin...

Search Unleashed 0.2.10 JavaScript injection &#40;Wordpress plugin&#41;

Hello all, There is a bug in "Log" function of Search Unleashed by John Godley, version 0.2.10. This plug-in stores search queries but does not validates stored data and put them back "raw" to browser. HTML and Java Script can be injected with search request:...

unleashed-xss.txt

Hello all, There is a bug in "Log" function of Search Unleashed by John Godley, version 0.2.10. This plug-in stores search queries but does not validates stored data and put them back "raw" to browser. HTML and Java Script can be injected with search request:...