Lucene search

K

Ryan DewhurstWPVDB-ID:623A9AA5-BA0E-4DEF-B1EB-C26622268AB0

HistoryJan 14, 2019 - 12:00 a.m.

easy-redirect-manager 2.18.18 - Cross-Site Scripting (XSS)

2019-01-1400:00:00

Ryan Dewhurst

wpscan.com

10

EPSS

0.002

Percentile

52.8%

Any page that causes a 404 or 302 response, will be output within the Redirect Log page without any validation or output encoding, including the URL querystring, which could contain an XSS payload.

References

www.logicallysecure.com/blog/ls-team-discovers-xss-in-wordpress-plugin/

EPSS

0.002

Percentile

52.8%

Related for WPVDB-ID:623A9AA5-BA0E-4DEF-B1EB-C26622268AB0

cvelist1 nvd1 patchstack1 prion1 cve1