10 matches found
CVE-2022-4541
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2022-4541
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2022-4541
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2022-4541 WordPress Visitors <= 1.0 - Unauthenticated Stored Cross-Site Scripting via HTTP Header
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2022-4541 WordPress Visitors <= 1.0 - Unauthenticated Stored Cross-Site Scripting via HTTP Header
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress WordPress Visitors plugin <= 1.0 - Unauthenticated Stored Cross-Site Scripting via HTTP Header vulnerability
Unauthenticated Stored Cross-Site Scripting via HTTP Header vulnerability discovered by rezaduty in WordPress Plugin nm-visitors versions = 1.0...
WordPress Visitors plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Visitors is a plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Visitors plugin version 0.3 and earlier,...
CVE-2021-24350
The Visitors WordPress plugin through 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting XSS vulnerability. The plugin would display the user's user agent string without validation or encoding within the WordPress admin panel...
Visitors WordPress plugin 跨站脚本漏洞
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Visitors is a plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Visitors plugin version 0.3 and earlier,...
WordPress Visitors plugin <= 0.3 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Mesut Cetin in WordPress Visitors plugin versions = 0.3. Solution This plugin has been closed as of May 26, 2021 and is not available for download. This closure is temporary, pending a full review...