5 matches found

CNNVD
added 2021/10/18 12:0 a.m. | 1 views

WordPress Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin is an open source application plugin for WordPress. A security vulnerability exists in Sociable...

CVSS 4.8 | AI score 4.9 | EPSS 0.00206
Exploits: 2 | References: 2
WPVulnDB
added 2021/09/20 12:0 a.m. | 17 views

Sociable <= 4.3.4.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise or escape some of its settings before outputting them in the admin dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed. PoC: Put the following payload in the...

CVSS 4.8 | AI score 1.1 | EPSS 0.00206
Exploits: 2 | Affected Software: 1
Patchstack
added 2021/09/20 12:0 a.m. | 15 views

WordPress Sociable plugin <= 4.3.4.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting (XSS) vulnerability discovered by Genubhau Wayal in WordPress Sociable plugin versions <= 4.3.4.1. Solution: Deactivate and delete. This plugin has been closed as of August 9, 2021 and is not available for download. Reason: Security Issue...

CVSS 4.8 | AI score 3.2 | EPSS 0.00206
Exploits: 2 | References: 3 | Affected Software: 1
wpexploit
added 2021/09/20 12:0 a.m. | 523 views

Sociable <= 4.3.4.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise or escape some of its settings before outputting them in the admin dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed. Put the following payload in the "Background...

CVSS 4.8 | AI score 4.8 | EPSS 0.00206
Exploits: 2
Packet Storm
added 2012/09/21 12:0 a.m. | 27 views

WordPress Sociable Cross Site Scripting

Exploit database separated by exploit type (local, remote, DoS, etc.). Official Website: http://www.1337day.com ...

AI score 0.3
Exploits: 0