Lucene search
ABISHEIK MWPVDB-ID:A4C352DE-9815-4DFE-AC51-65B5BFB37438HistoryJun 28, 2021 - 12:00 a.m.
Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-2800:00:00
ABISHEIK M
wpscan.com
6
0.001 Low
EPSS
Percentile
24.9%
The plugin does not sanitise or escape its “Allowed hosts” setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS payloads in it
PoC
As admin, put the following payload in the “Allowed host” setting of the plugin (/wp-admin/options-general.php#any-hostname):
| CPE | Name | Operator | Version |
|---|---|---|---|
| any-hostname | eq | * |
Related
cve
cve
CVE-2021-24481
2021-08-02 11:15:10
cvelist
cvelist
prion
prion
Cross site scripting
2021-08-02 11:15:00
nvd
nvd
CVE-2021-24481
2021-08-02 11:15:10
cnvd
cnvd
WordPress The Any Hostname plugin cross-site scripting vulnerability
2021-08-05 00:00:00
wpexploit
wpexploit
Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS)
2021-06-28 00:00:00