25 matches found
WordPress plugin Find and Replace All 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
WordPress plugin 跨站脚本漏洞
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of the WordPress plugin The Registrations for the Events...
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin ThinkTwit prior to version 1.7.1, which stems from a cross-site scripting issue stored in a plugin that fails to clean up or escape its "Consumer Keys" setting...
WordPress WooCommerce Dynamic Pricing & Discounts premium plugin <= 2.4.1 - Unauthenticated Settings Export vulnerability
Unauthenticated Settings Export vulnerability discovered by Jerome Bruandet NinTechNet in WordPress WooCommerce Dynamic Pricing & Discounts premium plugin versions = 2.4.1. Solution Update the WordPress WooCommerce Dynamic Pricing & Discounts premium plugin to the latest available version at leas...
WooCommerce Dynamic Pricing & Discounts < 2.4.2 - Unauthenticated Settings Export
The plugin does not have authorisation check on its export feature, allowing unauthenticated users to export them. PoC https://example.com/?rpwcdpdexportsettings=1...