23 matches found
CVE-2022-2426
The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators...
CVE-2020-35698
Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting XSS. The impact is: execute arbitrary code remote. The component is: Affected Source code of the website CMS which is been used by many to host their online courses using the Thinkific Platform. The attac...
rinex-s-school.thinkific.com Cross Site Request Forgery vulnerability OBB-3876689
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-35698
Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting XSS. The impact is: execute arbitrary code remote. The component is: Affected Source code of the website CMS which is been used by many to host their online courses using the Thinkific Platform. The attac...
CVE-2020-35698
Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting XSS. The impact is: execute arbitrary code remote. The component is: Affected Source code of the website CMS which is been used by many to host their online courses using the Thinkific Platform. The attac...
Cross site scripting
Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting XSS. The impact is: execute arbitrary code remote. The component is: Affected Source code of the website CMS which is been used by many to host their online courses using the Thinkific Platform. The attac...
PT-2023-11795 · Thinkific · Thinkific Online Course Creation Platform
Name of the Vulnerable Software and Affected Versions: Thinkific Thinkific Online Course Creation Platform version 1.0 Description: The issue is related to a Cross Site Scripting XSS vulnerability, allowing an attacker to execute arbitrary code remotely. The vulnerable component is the source cod...
CVE-2020-35698
CVE-2020-35698 affects Thinkific Online Course Creation Platform, version 1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the CMS code that can allow an attacker to execute arbitrary code remotely. The attack vector uses a crafted link to trigger XSS via the /account/billing endpoi...
Thinkific Online Course Creation Platform 跨站脚本漏洞
Thinkific Online Course Creation Platform is an online course creation platform from Thinkific. A security vulnerability exists in version 1.0 of the Thinkific Online Course Creation Platform. An attacker can exploit this vulnerability to execute arbitrary code on an affected website by...
CVE-2020-35698
Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting XSS. The impact is: execute arbitrary code remote. The component is: Affected Source code of the website CMS which is been used by many to host their online courses using the Thinkific Platform. The attac...
CVE-2020-35698
Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting XSS. The impact is: execute arbitrary code remote. The component is: Affected Source code of the website CMS which is been used by many to host their online courses using the Thinkific Platform. The attac...
CVE-2022-2426
The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators...
CVE-2022-2426
The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators...
CVE-2022-2426
The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators...
Cross site scripting
The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators...
CVE-2022-2426 Thinkific Uploader <= 1.0.0 - Admin+ Stored Cross-Site Scripting
The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators...
CVE-2022-2426
The CVE-2022-2426 entry concerns the Thinkific Uploader WordPress plugin (versions ≤ 1.0.0). The vulnerability is a Stored Cross-Site Scripting (XSS) issue caused by the plugin not sanitising and escaping its settings, enabling high-privilege users (e.g., administrators) to inject XSS that could ...
WordPress plugin Thinkific Uploader 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2022-16570 · WordPress · Thinkific Uploader
Name of the Vulnerable Software and Affected Versions: Thinkific Uploader WordPress plugin versions 1.0.0 and earlier Description: The issue concerns the lack of sanitization and escaping of settings in the plugin, which could allow high-privilege users, such as administrators, to perform Stored...
Thinkific Uploader <= 1.0.0 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators. PoC Put the following payload in any of the settings: "...