Lucene search
IohexWPVDB-ID:016453E3-803B-4A67-8EA7-2D228C2998D4HistoryJun 16, 2022 - 12:00 a.m.
WP Paginate < 2.1.9 - Admin+ Stored Cross-Site Scripting
2022-06-1600:00:00
iohex
wpscan.com
6
0.001 Low
EPSS
Percentile
25.0%
The plugin does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfiltered_html is disallowed
PoC
Put the following payload on the Preset settings of the plugin: β+accesskey=βXβ+onclick=βalert(1)ββ
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp-paginate | lt | 2.1.9 |
Related
cnvd
cnvd
WordPress WP-Paginate pluginθ·¨η«θζ¬ζΌζ΄
2022-07-13 00:00:00
nvd
nvd
CVE-2022-2050
2022-07-11 13:15:09
patchstack
patchstack
cvelist
cvelist
CVE-2022-2050 WP Paginate < 2.1.9 - Admin+ Stored Cross-Site Scripting
2022-07-11 12:57:09
wpexploit
wpexploit
WP Paginate < 2.1.9 - Admin+ Stored Cross-Site Scripting
2022-06-16 00:00:00
cve
cve
CVE-2022-2050
2022-07-11 13:15:09
prion
prion
Cross site scripting
2022-07-11 13:15:00