Lucene search
K
WpvulndbMost viewed

14602 matches found

WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.19 views

Post Grid < 2.1.8 - Reflected Cross-Site Scripting (XSS)

The slider import search feature and tab parameter of the plugin settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues PoC https://example.com/wp-admin/edit.php?posttype=postgrid=post-grid-settings="...

4.3CVSS0.5AI score0.11241EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.19 views

Awesome Weather Widget <= 3.0.2 - Reflected Cross-site Scripting (XSS)

The plugin does not sanitize the id parameter of its awesomeweatherrefresh AJAX action, leading to an unauthenticated Reflected Cross-Site Scripting XSS Vulnerability. Note WPScanTeam: The issue was reported to the WP plugins team on May 4th, 2021, then June 7th, 2021 due to lack of update. PoC...

4.3CVSS0.6AI score0.00726EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.19 views

Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS payloads in it PoC As admin, put the following payload in the "Allowed host" setting of the plugin /wp-admin/options-general.phpany-hostname...

3.5CVSS2.1AI score0.00613EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.19 views

ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in Image Uploader Component

The cover photo and profile photo upload functionalities of the plugin were vulnerable to arbitrary file uploads due to the use of exifimagetype for filetype checking. PoC 'Hax0r2', 'regemail' = '[email protected]', 'regpassword' = 'password', 'regpasswordpresent' = 'true', 'regfirstname' =...

9.8CVSS2.1AI score0.02101EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/21 12:0 a.m.19 views

myStickymenu < 2.5.2 - Authenticated Stored XSS

The plugin does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue, which will be triggered in the plugin's setting, as well as all front-page of the blog when the Welcome bar is active PoC...

3.5CVSS0.4AI score0.00626EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/16 12:0 a.m.19 views

Request a Quote < 2.3.4 - Authenticated Stored XSS

The plugin did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the 'All Quotes" table. Note: By default, admins and editors are allowed to use JavaScript in posts and page, unless the...

5.4CVSS1.6AI score0.00624EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/15 12:0 a.m.19 views

WP Google Maps Pro < 8.1.12 - Multiple Admin+ Stored Cross-Site Scripting

The plugin does not sanitise some of its fields, which could lead to Stored Cross-Site Scripting issues...

3.5CVSS0.9AI score0.00557EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/14 12:0 a.m.19 views

Vik Rent Car < 1.1.7 - CSRF to Stored XSS

In the plugin, there is a custom filed option by which we can manage all the fields that the users will have to fill in before saving the order. However, the field name is not sanitised or escaped before being output back in the page, leading to a stored Cross-Site Scripting issue. There is also ...

5.4CVSS2AI score0.00319EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/14 12:0 a.m.19 views

Woocommerce Stock Manager < 2.6.0 - CSRF to Arbitrary File Upload

The plugin is vulnerable to CSRF leading to Arbitrary File Upload due to missing nonce and file validation in the /admin/views/import-export.php file. PoC File will upload to: /wp-content/plugins/woocommerce-stock-manager/admin/views/upload/PoC.php...

6.8CVSS2.5AI score0.00719EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/27 12:0 a.m.19 views

Sendit WP Newsletter <= 2.5.1 - Authenticated (admin+) SQL Injection

The page lists-management feature of the plugin, available to Administrator users does not sanitise, validate or escape the idlista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection. PoC time curl -i -s -k -X $'POST' \ -H $'Upgrade-Insecure-Requests: 1' -H...

6.6CVSS0.2AI score0.01338EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/26 12:0 a.m.19 views

Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Activation

In the plugin, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activateplugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites. PoC $wpuser, 'pwd' = $wppass, 'rememberme' = 'forever',...

8.8CVSS1.7AI score0.02997EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/26 12:0 a.m.19 views

Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Import

The importdata function of the plugin had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects. PoC curl -i -s -k -X $'POST' \ -H $'Host: URLHERE' -H $'Content-Length: 379' -H $'Cache-Control: max-age=0' -H $'Upgrade-Insecure-Requests: 1' -H...

8.8CVSS0.6AI score0.01107EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/17 12:0 a.m.19 views

Instant Images WordPress Plugin < 4.4.0.1 - Authenticated Stored XSS & XFS

The plugin did not properly validate and sanitise its unsplashdownloadw and unsplashdownloadh parameter settings /wp-admin/upload.php?page=instant-images, only validating them client side before saving them, leading to a Stored Cross-Site Scripting issue. PoC -- Payloads: $ "...

5.4CVSS1.1AI score0.00659EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/10 12:0 a.m.19 views

LifterLMS < 4.21.1 - Authenticated Stored XSS in Edit Profile

The 'State' field of the Edit profile page of the plugin is not properly sanitised when output in the About section of the profile page, leading to a stored Cross-Site Scripting issue. This could allow low privilege users such as students to elevate their privilege via an XSS attack when an admin...

5.4CVSS0.4AI score0.03249EPSS
Exploits5References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/09 12:0 a.m.19 views

Simple Giveaways < 2.36.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS PoC https://example.com/giveaway/mygiveaways/?share=%3Cscript%3Ealertdocument.domain%3C/script%3E...

6.1CVSS0.7AI score0.03451EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/05 12:0 a.m.19 views

Hana Flv Player <= 3.1.3 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting XSS vulnerability within the "Default Skin" field. PoC Step1: Install and activate the plugin. Step2: Go to the plugin setting. Step3: Enter the following payload in the field "Default Skin" xss"...

5.4CVSS0.9AI score0.0062EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/05/04 12:0 a.m.19 views

Goto < 2.1 - Reflected Cross-Site Scripting (XSS)

The theme did not properly sanitize the formvalue JSON POST parameter in its tlfilter AJAX action, leading to an unauthenticated Reflected Cross-site Scripting XSS vulnerability. PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: / Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate...

6.1CVSS1.1AI score0.00822EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/30 12:0 a.m.19 views

Download Manager < 3.1.19 - Authenticated (author+) PHP4 File Upload to RCE

The wpdmadminuploadfile AJAX action used a blacklist approach to forbid potential dangerous files, such as PHP, from being uploaded. However, other dangerous extensions, like .php4 were not forbidden. PoC As an author or any account with the uploadfiles capability, attach a .php4 file to a downlo...

7AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/26 12:0 a.m.19 views

Car Seller - Auto Classifieds Script <= 2.1.0 - Unauthenticated SQL Injection

The requestlistrequest AJAX call of the plugin, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the orderid POST parameter before using it in a SQL statement, leading to a SQL Injection issue. PoC curl 'https://example.com/wp-admin/admin-ajax.php' ...

9.8CVSS2.2AI score0.14697EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/20 12:0 a.m.19 views

Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection

In the plugin, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects. PoC $wpuser, 'pwd' = $wppass, 'rememberme' = 'forever', 'wp-submit' = 'Log+In', ; $output = curlexec$ch; curlclose$ch; // OBJI $ch = curlinit; curlsetopt$ch, CURLOPTURL,...

6.5CVSS0.9AI score0.01967EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/15 12:0 a.m.19 views

Clever Addons for Elementor < 2.1.0 - Contributor+ Stored XSS

The “Clever Addons for Elementor” WordPress Plugin https://wordpress.org/plugins/cafe-lite/ before 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Banner” widget accepts a “titletag”...

3.5CVSS0.7AI score0.0059EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.19 views

DethemeKit For Elementor < 1.5.5.5 - Contributor+ Stored XSS

The “DeTheme Kit for Elementor” WordPress Plugin before 1.5.5.5 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “De Page/Post Title” widget accepts an “htmltag” parameter. Although the element control...

3.5CVSS0.7AI score0.0059EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.19 views

WooLentor - WooCommerce Elementor Addons + Builder < 1.8.6 - Contributor+ Stored XSS

The “WooLentor – WooCommerce Elementor Addons + Builder” WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Product Title” widget accepts a “producttitlehtmltag” parameter...

3.5CVSS0.9AI score0.0059EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.19 views

All-in-One Addons for Elementor - WidgetKit < 2.3.10 - Contributor+ Stored XSS

The “All-in-One Addons for Elementor – WidgetKit” WordPress Plugin before 2.3.10 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Content Carousel” widget accepts “customheadertag” and...

3.5CVSS1.9AI score0.00663EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.19 views

Essential Addons for Elementor < 4.5.4 - Contributor+ Stored Cross-Site Scripting (XSS)

The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method. The “Progress Bar” widget accepts a “progressbartitlehtmltag” parameter. Although...

3.5CVSS1.5AI score0.0059EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.19 views

Podcast Importer SecondLine < 1.1.5 - Server-Side Request Forgery (SSRF)

The plugin was vulnerable to Server-side request forgery SSRF...

5CVSS3.1AI score0.01695EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/12 12:0 a.m.19 views

Business Directory Plugin < 5.11.2 - Arbitrary Listing Export

The plugin suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as email, home addresses etc PoC The state is base64 encoded and will need to be adapted to t...

4.3CVSS2AI score0.00708EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/12 12:0 a.m.19 views

Business Directory Plugin < 5.11.2 - Authenticated Stored Cross-Site Scripting

The plugin suffered from lack of sanitisation in the label of the Form Fields, leading to Authenticated Stored Cross-Site Scripting issues across various pages of the plugin. PoC Log on as an admin, create or edit a Form Field wp-admin/admin.php?page=wpbdpadminformfields and set the Field Label...

3.5CVSS0.9AI score0.00645EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/11 12:0 a.m.19 views

Business Directory Plugin < 5.11 - Arbitrary File Upload to RCE

The plugin suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator import files. As the plugin also did not validate uploaded files, it could lead to RCE. Note WPScanTeam: CSRF check and some file validation were added in v5.11, however a blacklist...

6.8CVSS8.7AI score0.00672EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/10 12:0 a.m.19 views

Contact Form Check Tester <= 1.0.2 - Broken Access Control to Cross-Site Scripting (XSS)

The plugin settings are visible to all registered users in the dashboard and are lacking any sanitisation. As a result, any registered user, such as subscriber, can leave an XSS payload in the plugin settings, which will be triggered by any user visiting them, and could allow for privilege...

3.5CVSS1AI score0.04682EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/03 12:0 a.m.19 views

Pie Register < 3.7.0.1 - Reflected Cross-Site Scripting (XSS)

The plugin does not sanitise the invitaioncode GET parameter when outputting it in the Activation Code page, leading to a reflected Cross-Site Scripting issue. PoC https://example.com/wp-admin/admin.php?page=prnewregistrationformdashwidget=1code=PHNjcmlwdD5hbGVydCgxKTs8L3NjcmlwdD4=...

4.3CVSS1.1AI score0.01602EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/02 12:0 a.m.19 views

Business Hours Pro <= 5.5.0 - Unauthenticated Arbitrary File Upload to RCE

The plugin allows a remote attacker to upload arbitrary files using its manual update functionality, leading to an unauthenticated remote code execution vulnerability. Note WPScanTeam: - The issue has been escalated to Envato on March 30th, 2021 and the plugin has been removed from the...

7.5CVSS2.4AI score0.03037EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/03/31 12:0 a.m.19 views

Realteo < 1.2.4 - Arbitrary Property Deletion via IDOR

The plugin, used by the Findeo Theme, did not ensure that the requested property to be deleted belong to the user making the request, allowing any authenticated users to delete arbitrary properties by tampering with the propertyid parameter. PoC GET...

4CVSS4.5AI score0.01114EPSS
Exploits2References3Affected Software2
WPVulnDB
WPVulnDB
added 2021/03/30 12:0 a.m.19 views

Advanced Booking Calendar < 1.6.8 - Authenticated Reflected Cross-Site Scripting (XSS)

The plugin does not sanitise the license error message when output in the settings page, leading to an authenticated reflected Cross-Site Scripting issue PoC https://plugins.trac.wordpress.org/browser/advanced-booking-calendar/tags/1.6.7/backend/settings.phpL550...

3.5CVSS0.0062EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/03/17 12:0 a.m.19 views

WP Page Builder < 1.2.4 - Insecure default configuration Allows Subscribers Editing Access to Posts

By default, the plugin allows subscriber-level users to edit and make changes to any and all posts pages - user roles must be specifically blocked from editing posts and pages. A subscriber, upon registering an account with a site with the WP Pagebuilder plugin, could immediately modify or delete...

4CVSS3.1AI score0.00689EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2021/03/17 12:0 a.m.19 views

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Accordion Widget

In the plugin, the accordion widget includes/widgets/accordion.php accepts a ‘titlehtmltag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘savebuilder’ request containing JavaScri...

3.5CVSS0.4AI score0.00746EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/03/15 12:0 a.m.19 views

Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_answers_by_question

The tutorquizbuildergetanswersbyquestion AJAX action from the plugin was vulnerable to UNION based SQL injection that could be exploited by students. PoC python3 sqlmap.py -r /tutorunion.txt --dbms=mysql --technique=U -p questionid --dump Where tutorunion.txt is POST /wp-admin/admin-ajax.php...

4CVSS0.7AI score0.01742EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/03/15 12:0 a.m.19 views

Tutor LMS < 1.8.3 - SQL Injection via tutor_answering_quiz_question/get_answer_by_id

The tutoransweringquizquestion/getanswerbyid function pair from the plugin was vulnerable to UNION based SQL injection that could be exploited by students. PoC POST /courses/first-class/tutorquiz/test/ HTTP/1.1 Host: URL Content-Length: 413 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1...

4CVSS6.8AI score0.01253EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/03/11 12:0 a.m.19 views

JH 404 Logger <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)

The plugin doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard. PoC curl 'https://example.com/non-existing-page"' -e '"'...

3.5CVSS1.3AI score0.02044EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/03/10 12:0 a.m.19 views

Five Star Restaurant Menu < 2.2.1 - Unauthenticated PHP Object Injection

The plugin unserialised the fdmcart cookie value without any sanitisation or validation first, when the Ordering setting of the plugin was enabled, leading to a PHP object injection which could lead to RCE...

7.5CVSS3.1AI score0.30798EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/02/17 12:0 a.m.19 views

eCommerce Product Catalog < 3.0.18 - CSRF Nonce Bypass

The plugin did not properly check the CSRF nonce in the icorders.save function, which could allow attackers to make a logged in user with the editdigitalorder capability save arbitrary digital orders...

4.5AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2021/02/08 12:0 a.m.19 views

NextGen Gallery < 3.5.0 - CSRF allows File Upload

It was possible to bypass the "validateajaxrequest" function used to control access to ajax functions by sending a request without a nonce parameter. This could be used to upload arbitrary code to an image file. Although the uploaded file must be a valid image, it is possible to include PHP code ...

4.3CVSS2.7AI score0.01375EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/02/08 12:0 a.m.19 views

Membership by Supsystic <= 1.5.0 - Authenticated SQL Injection

The GET parameter "sidx" and "search are used in a SQL statement without being sanitised when searching for badges in the dashboard, leading to authenticated SQL Injection issues. v1.4.8 attempted a fix, which was found to not be sufficient PoC The PoC will be displayed once the issue has been...

2.9AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/01/20 12:0 a.m.19 views

Advanced Custom Field Pro < 5.9.1 - Reflected Cross-Site Scripting (XSS)

The plugin did not properly escape the generated update URL when outputting it in an attribute, leading to a reflected Cross-Site Scripting issue in the update settings page. PoC The PoC will be displayed on April 16, 2021, to give users the time to update...

0.9AI score0.01387EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2020/12/29 12:0 a.m.19 views

Site Offline < 1.4.4 - Multiple Cross-Site Request Forgery

The lack of CSRF checks could allow attackers to make a logged administrator change some of the plugin's settings...

4.3CVSS4.7AI score0.0097EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/12/12 12:0 a.m.19 views

Directories Pro < 1.3.46 - Authenticated Self-Reflected Cross-Site Scripting

The plugin did not sanitise the column names when importing a malicious CSV file, allowing for HTML or JavaScript injection. PoC Iimport a CSV file containing the following in the header: 'term" autofocus onfocus=alert'Complex\u0020XSS';alertdocument.cookie;//'"...

4.3CVSS0.5AI score0.05483EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/12/09 12:0 a.m.19 views

DiveBook <= 1.1.4 - Unauthenticated Reflected XSS

:A reflected Cross-Site Scripting vulnerability exists within the DiveBook log's filter functionality. Arbitrary URL parameters are reflected into the application's response, rendered by the browser as HTML or JavaScript. An attacker may abuse this functionality by sending a victim a crafted link...

4.3CVSS1.7AI score0.00948EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/10/28 12:0 a.m.19 views

Greenmart < 2.4.3 - Reflected Cross-Site Scripting (XSS)

The greenmartautocompletesearch AJAX action, available to both authenticated and unauthenticated users does not properly sanitise the callback parameter passed to it, resulting in a reflected Cross-Site Scripting issue. Edit WPScanTeam: The vendor 'fixed' the issue for authenticated users by addi...

4.3CVSS1AI score0.00923EPSS
Exploits3References2Affected Software1
WPVulnDB
WPVulnDB
added 2020/08/31 12:0 a.m.19 views

WP Smart CRM & Invoices FREE <= 1.8.7 - Authenticated Stored Cross-Site Scripting

Multiple fields from the customer model, such as The Business Name and Tax Code, are affected by stored cross-site scripting issues...

3.5CVSS1.9AI score0.00717EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/08/10 12:0 a.m.19 views

RSS Feed Widget < 2.8.1 - Authenticated Cross-Site Scripting (XSS)

The RSS Feed Widget WordPress plugin version 2.8.0 and below was vulnerable to Authenticated Cross-Site Scripting XSS within the "t" GET parameter. PoC http://www.example.com/wp-admin/admin.php?page=rfwoptions=1"...

4.3CVSS0.7AI score0.00866EPSS
Exploits2References2Affected Software1
Total number of security vulnerabilities5000