Checkout for PayPal < 1.0.14 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks PoC As a contributor, put the following shortcode in a page/post...

Responsive Lightbox2 < 1.0.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks PoC As a contributor, put, the following shortcode in a page/post lightbox2...

Videojs HTML5 Player < 1.1.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks PoC As a contributor, put the following shortcode in a page/post videojsvideo...

PT-2022-24544 · Silverstripe · Silverstripe Asset-Admin +2

Name of the Vulnerable Software and Affected Versions: Silverstripe silverstripe/framework versions 4.11.0 and earlier Silverstripe silverstripe/assets versions 1.11.0 and earlier Silverstripe silverstripe/asset-admin versions 1.11.0 and earlier Description: The issue allows for cross-site...

CVE-2021-24828

The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

CVE-2021-24845

The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with posttype & poststatus which can be used to retrieve arbitrary content. This way, users with a role as low as Contributor can gain access to content they are not supposed to...

WordPress plugin Improved Include Page 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2021-24759

The PDF.js Viewer WordPress plugin before 2.0.2 does not escape some of its shortcode and Gutenberg Block attributes, which could allow users with a role as low as Contributor to to perform Cross-Site Scripting attacks...

Improved Include Page <= 1.2 - Contributor+ Arbitrary Posts/Pages Access

The plugin allows passing shortcode attributes with posttype & poststatus which can be used to retrieve arbitrary content. This way, users with a role as low as Contributor can gain access to content they are not supposed to. PoC include-page allowtype="post" allowstatus="draft" id="131"...

CVE-2021-24734

The Compact WP Audio Player WordPress plugin before 1.9.7 does not escape some of its shortcodes attributes, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

CVE-2021-24678

The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossarytooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

CVE-2021-24670

The CoolClock WordPress plugin before 4.3.5 does not escape some shortcode attributes, allowing users with a role as low as Contributor toperform Stored Cross-Site Scripting attacks...

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin CoolClock suffers from a cross-site scripting vulnerability that stems from the fact that versions of the CoolClock WordPress plugin prior to 4.3.5 do not get rid of a number of short-code attributes that...

CVE-2021-24525 Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS

The Shortcodes Ultimate WordPress plugin before 5.10.2 allows users with Contributor roles to perform stored XSS via shortcode attributes. Note: the plugin is inconsistent in its handling of shortcode attributes; some do escape, most don't, and there are even some attributes that are insecure by...

CVE-2021-24665

The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks...

CoolClock < 4.3.5 - Contributor+ Stored Cross-Site Scripting

The plugin does not escape some shortcode attributes, allowing users with a role as low as Contributor toperform Stored Cross-Site Scripting attacks PoC As a user with a role as low as contributor, put the following shortcode in a post/page and view/preview it to trigger the XSS which is specific...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS

The plugin allows users with Contributor roles to perform stored XSS via shortcode attributes. Note: the plugin is inconsistent in its handling of shortcode attributes; some do escape, most don't, and there are even some attributes that are insecure by design like subutton's onclick attribute. Po...

CVE-2021-24471

The YouTube Embed WordPress plugin before 5.2.2 does not validate, escape or sanitise some of its shortcode attributes, leading to Stored XSS issues by 1. using w, h, controls, cclang, color, language, start, stop, or style parameter of youtube shortcode, 2. by using style, class, rel, target,...

CVE-2021-24468

The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues...