PrintFriendly plugin XSS vulnerabilit
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
![]() | WordPress PrintFriendly Cross-Site Scripting Vulnerability | 22 Jun 202200:00 | – | cnvd |
![]() | CVE-2022-0663 | 20 Jun 202211:15 | – | cve |
![]() | CVE-2022-0663 | 20 Jun 202211:15 | – | nvd |
![]() | WordPress Print, PDF, Email by PrintFriendly plugin <= 5.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | 30 May 202200:00 | – | patchstack |
![]() | Cross site scripting | 20 Jun 202211:15 | – | prion |
![]() | Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting | 30 May 202200:00 | – | wpvulndb |
![]() | CVE-2022-0663 Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting | 20 Jun 202210:25 | – | cvelist |
In the plugin's settings, tick 'Custom Button' and put the following payload in the Text field: <img src=x onerror=alert(/XSS/)>
The XSS will be triggered when accessing the plugin's settings page, as well as all frontend pages
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo