Lucene search
WpvulndbWPEX-ID:3288B339-FE27-4706-B511-5B8586C9D370HistoryDec 02, 2021 - 12:00 a.m.
Post Duplicator < 2.27 - Admin+ Stored Cross-Site Scripting
2021-12-0200:00:00
wpvulndb
51
0.001 Low
EPSS
Percentile
25.0%
The plugin does not sanitise and escape its Duplicate Title and Slug settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Put the following payload in the "Duplicate Title" or "Duplicate Slug" settings: "><script>alert(/XSS/)</script>Related
wpvulndb
wpvulndb
Post Duplicator < 2.27 - Admin+ Stored Cross-Site Scripting
2021-12-02 00:00:00
nvd
nvd
CVE-2021-33852
2022-03-10 17:42:36
patchstack
patchstack
openvas
openvas
WordPress Post Duplicator Plugin < 2.27 XSS Vulnerability
2022-04-05 00:00:00
cvelist
cvelist
CVE-2021-33852
2022-03-09 16:54:43
cnvd
cnvd
WordPress Plugin Post-Duplicator Plugin Cross-Site Scripting Vulnerability
2022-03-14 00:00:00
prion
prion
Cross site scripting
2022-03-10 17:42:00
cve
cve
CVE-2021-33852
2022-03-10 17:42:36