Lucene search

K

Mortgage Calculators WP < 1.56 - Admin+ Stored Cross-Site Scripting

🗓️ 11 Jan 2022 00:00:00Reported by Ceylan BozogullarindanType 
wpexploit
 wpexploit
👁 90 Views

Mortgage Calculators WP < 1.56 Admin Stored Cross-Site Scripting vulnerabilit

Show more
Related
Code
1. Go to settings page available under the "Calculator" menu item.
2. Click the "Select Color" button and type the following payload the input space: </style></head><script>alert(/XSS/)</script>
3. Click the "Save Changes" button to save settings.
4. Create a new page and add the shortcode ([mcwp type="cv"]) of the calculator, for testing.
5. Visit the page to trigger XSS.

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
11 Jan 2022 00:00Current
4.7Medium risk
Vulners AI Score4.7
EPSS0.001
90
.json
Report