Lucene search

K
wpvulndbWpvulndbWPVDB-ID:5E0BF0B6-9809-426B-B1D4-1FB653083B58
HistoryAug 30, 2021 - 12:00 a.m.

Easy Social Icons < 3.0.9 - Reflected Cross-Site Scripting

2021-08-3000:00:00
wpscan.com
3

0.003 Low

EPSS

Percentile

65.9%

The plugin does not escape the $_SERVER[‘PHP_SELF’] input before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue

PoC

https://example.com/wp-admin/admin.php/alert(/XSS/)

CPENameOperatorVersion
easy-social-iconslt3.0.9

0.003 Low

EPSS

Percentile

65.9%

Related for WPVDB-ID:5E0BF0B6-9809-426B-B1D4-1FB653083B58