4 matches found
CVE-2024-47365
CVE-2024-47365 is a stored XSS vulnerability in the WordPress plugin Automatically Hierarchic Categories in Menu, affecting versions up to 2.0.5. The issue arises from improper input neutralization during web page generation and can lead to stored cross-site scripting. Patch guidance across conne...
CVE-2024-1746 Testimonial Slider < 2.3.8 - Admin+ Stored XSS
The Testimonial Slider WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Social Codia SMS 1 Cross Site Scripting Vulnerability
sms-AddStudent-StoredXSS-POC Author: D4rkP0w4r Description = StoredXSS at Add Student Step to Reproduct Login to admin - Students - Add Student - input payload at Enter Name Exploit Input payload at Enter Name - clicked Add Students - access All Student - The XSS will trigger Log out admin and...
CVE-2018-14838
rejucms 2.1 has stored XSS via the admin/book.php content parameter...