Lucene search
Fuzzyap1WPEX-ID:76AD4273-6BF4-41E9-99A8-BF6D634608ACHistoryMar 29, 2022 - 12:00 a.m.
Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting
2022-03-2900:00:00
fuzzyap1
63
stored xss
custom db prefix
plugin security
EPSS
0.001
Percentile
24.8%
The plugin does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Put the following payload in the Custom DB Prefix settings of the plugin: Books_n_Papers" style=animation-name:rotation onanimationstart=alert(/XSS/)//Related
wpvulndb
wpvulndb
Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting
2022-03-29 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-1156
2022-04-25 16:16:08
prion
prion
Cross site scripting
2022-04-25 16:16:00
patchstack
patchstack
cve
cve
CVE-2022-1156
2022-04-25 16:16:08