8 matches found
CVE-2021-24411
The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack...
CVE-2021-24411
The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack...
CVE-2021-24411
CVE-2021-24411 affects the WordPress Social Tape plugin (versions up to 1.0). The vulnerability arises from missing CSRF checks when saving settings and lack of sanitization/escaping of those settings on output, leading to a stored XSS via a CSRF attack. Published details show an exploitable flow...
CVE-2021-24411 Social Tape <= 1.0 - CSRF to Stored XSS
The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in...
Social Tape <= 1.0 - CSRF to Stored XSS
The plugin does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack PoC...
WordPress Social Tape plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)
Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Ashish Upsham in WordPress Social Tape plugin versions = 1.0. Solution This plugin has been closed as of June 15, 2021 and is not available for download. Reason: Security Issue...
Social Tape <= 1.0 - CSRF to Stored XSS
The plugin does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack alert/XSS/' /...