Lucene search
Ethicalhack3rWPVDB-ID:D447ECD5-257D-4E34-A287-116946E6FAA1HistoryApr 12, 2016 - 12:00 a.m.
New Year Firework <= 1.1.9 - Unauthenticated Reflected Cross-Site Scripting (XSS)
2016-04-1200:00:00
ethicalhack3r
wpscan.com
4
0.001 Low
EPSS
Percentile
46.5%
The new-year-firework WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
PoC
http://www.example.com/wp-content/plugins/new-year-firework/firework/index.php?text=“><”
| CPE | Name | Operator | Version |
|---|---|---|---|
| new-year-firework | eq | * |
Related
wpexploit
wpexploit
prion
prion
Cross site scripting
2016-10-10 20:59:00
nvd
nvd
CVE-2016-1000140
2016-10-10 20:59:17
cve
cve
CVE-2016-1000140
2016-10-10 20:59:17
nuclei
nuclei
WordPress New Year Firework <=1.1.9 - Cross-Site Scripting
2021-07-20 23:16:34
cvelist
cvelist
CVE-2016-1000140
2016-10-10 20:00:00
patchstack
patchstack
WordPress New Year Firework Plugin <= 1.1.9 - Cross Site Scripting (XSS)
2016-04-12 00:00:00