Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbEthicalhack3rWPVDB-ID:97023904-FAE8-4064-9F64-4993C68C9083
HistoryMay 23, 2017 - 12:00 a.m.

Newsletter by Supsystic - Authenticated Stored XSS & CSRF

2017-05-2300:00:00
ethicalhack3r
wpscan.com
6

0.001 Low

EPSS

Percentile

31.5%

JSON

Despite what the original advisory states, the affected POST parameter is β€œlabel”. The CSRF issue was fixed in version 1.1.8, however, the Plugin still did not validate or output encode the β€œlabel” parameter.

CPENameOperatorVersion
newsletter-by-supsysticlt1.1.8

Related

prion 1
nvd 1
cve 1
cvelist 1
prion
prion
Cross site request forgery (csrf)
2019-08-14 16:15:00
nvd
nvd
CVE-2017-18512
2019-08-14 16:15:12
cve
cve
CVE-2017-18512
2019-08-14 16:15:12
cvelist
cvelist
CVE-2017-18512
2019-08-14 15:32:06

0.001 Low

EPSS

Percentile

31.5%

JSON
Related for WPVDB-ID:97023904-FAE8-4064-9F64-4993C68C9083
prion1nvd1cve1cvelist1