11 matches found
CVE-2022-1557
The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site...
WordPress ULeak Security
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress ULeak Security...
CVE-2022-1557
The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site...
CVE-2022-1557
The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site...
CVE-2022-1557 ULeak Security & Monitoring <= 1.2.3 - Subscriber+ Stored Cross-Site Scripting
The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site...
CVE-2022-1557
CVE-2022-1557 affects the WordPress plugin ULeak Security & Monitoring (
WordPress plugin ULeak Security & Monitoring 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress ULeak Security...
ULeak Security & Monitoring <= 1.2.3 - Subscriber+ Stored Cross-Site Scripting
The plugin does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site Scripting attacks against admins viewing the settings...
WordPress ULeak Security & Monitoring plugin <= 1.2.3 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability was discovered by Hassan Khan Yusufzai Splint3r7 in WordPress ULeak Security & Monitoring plugin versions = 1.2.3. Solution No patched version is available...
WordPress Uleak Security Dashboard 1.2.3 Cross Site Scripting
Exploit Title: WordPress Plugin uleak-security-dashboard 1.2.3 - Stored Cross-Site Scripting Authenticated Date: 31-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/uleak-security-dashboard/ Version: 1.2.3 Tested on: Firefox Contact me: h at...
WordPress Uleak Security Dashboard 1.2.3 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin uleak-security-dashboard 1.2.3 - Stored Cross-Site Scripting Authenticated Date: 31-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/uleak-security-dashboard/ Version: 1.2.3 Tested on: Firefox Contact me: h at...