Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbAshishWPVDB-ID:EBE7F625-67E1-4DF5-A569-20526DD57B24
HistoryJul 19, 2021 - 12:00 a.m.

Social Tape <= 1.0 - CSRF to Stored XSS

2021-07-1900:00:00
Ashish
wpscan.com
5
JSON

The plugin does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack

PoC

CPENameOperatorVersion
social-tapeeq*

Related

cve 1
patchstack 1
prion 1
wpexploit 1
cve
cve
CVE-2021-24411
2021-08-16 11:15:00
patchstack
patchstack
WordPress Social Tape plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)
2021-07-19 00:00:00
prion
prion
Cross site scripting
2021-08-16 11:15:00
wpexploit
wpexploit
Social Tape <= 1.0 - CSRF to Stored XSS
2021-07-19 00:00:00
JSON
Related for WPVDB-ID:EBE7F625-67E1-4DF5-A569-20526DD57B24
cve1patchstack1prion1wpexploit1