11 matches found
EUVD-2021-11888
Malware in sbrugna...
CVE-2021-24976
The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting...
WordPress Smart SEO Tool Plugin < 4.0.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software Smart SEO Tool Type Plugin Vulnerable versions 4.0.2 Fixed in 4.0.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7f5302fb053b Credits WordFence Required privilege...
WordPress Smart SEO Tool plugin cross-site scripting vulnerability
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions prior to 3.0.6 of the Smart SEO Tool plugin for WordPress, which...
CVE-2021-24976
The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting...
CVE-2021-24976
The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting...
Cross site scripting
The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting...
CVE-2021-24976 Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting...
CVE-2021-24976
CVE-2021-24976 involves the WordPress plugin Smart SEO Tool (versions before 3.0.6). The issue is a reflected Cross-Site Scripting (XSS) caused by not sanitising/escaping the search parameter when the plugin’s TDK optimisation setting is enabled, allowing the parameter to be echoed back in an HTM...
WordPress Smart SEO Tool 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions prior to 3.0.6 of the Smart SEO Tool plugin for WordPress, which...
Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting With the "TDK optimization" setting enabled 7th page, first one: https://example.com/?s=123456"alert/XSS...