More references
parent
3de7af6018
commit
03dfb4bff6
|
@ -5,7 +5,7 @@ info:
|
||||||
author: daffainfo
|
author: daffainfo
|
||||||
severity: medium
|
severity: medium
|
||||||
description: Reflected XSS in wordpress plugin anti-plagiarism v3.60
|
description: Reflected XSS in wordpress plugin anti-plagiarism v3.60
|
||||||
reference:
|
reference: |
|
||||||
- http://www.vapidlabs.com/wp/wp_advisory.php?v=161
|
- http://www.vapidlabs.com/wp/wp_advisory.php?v=161
|
||||||
- https://wordpress.org/plugins/anti-plagiarism
|
- https://wordpress.org/plugins/anti-plagiarism
|
||||||
tags: cve,cve2016,wordpress,xss,wp-plugin
|
tags: cve,cve2016,wordpress,xss,wp-plugin
|
||||||
|
|
|
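Review bot: changing `reference:` to `reference: |` turns the two `- http...` lines under it from a YAML sequence into one literal block scalar, so the field becomes a single multi-line string that still carries the leading `- ` on each line. If that is the intended style for templates, confirm that the loader and any tooling reading `info.reference` handle the string form the same way as the list form; otherwise keep `reference:` with the list items as they were. The first URL is also plain `http://`, so it is worth checking whether the advisory is reachable over https.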
@ -5,7 +5,7 @@ info:
|
||||||
author: daffainfo
|
author: daffainfo
|
||||||
severity: medium
|
severity: medium
|
||||||
description: In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS.
|
description: In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS.
|
||||||
reference:
|
reference: |
|
||||||
- https://plugins.trac.wordpress.org/changeset/2152730
|
- https://plugins.trac.wordpress.org/changeset/2152730
|
||||||
- https://wordpress.org/plugins/api-bearer-auth/#developers
|
- https://wordpress.org/plugins/api-bearer-auth/#developers
|
||||||
tags: cve,cve2019,wordpress,xss,wp-plugin
|
tags: cve,cve2019,wordpress,xss,wp-plugin
|
||||||
|
|
|
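Review bot: this hunk adds no reference even though the commit is titled "More references"; the only change is `reference:` to `reference: |`, and both URLs are the same on each side. Either add the extra link this template was meant to receive, or move the scalar-style change into its own commit with a message that says it is a formatting change, so the history matches what was done. The point about the list becoming a block scalar string applies here too.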
@ -7,7 +7,9 @@ info:
|
||||||
description: The BuddyPress WordPress plugin was affected by an REST API Privilege Escalation to RCE
|
description: The BuddyPress WordPress plugin was affected by an REST API Privilege Escalation to RCE
|
||||||
reference: |
|
reference: |
|
||||||
- https://github.com/HoangKien1020/CVE-2021-21389
|
- https://github.com/HoangKien1020/CVE-2021-21389
|
||||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-21389
|
- https://buddypress.org/2021/03/buddypress-7-2-1-security-release/
|
||||||
|
- https://codex.buddypress.org/releases/version-7-2-1/
|
||||||
|
- https://github.com/buddypress/BuddyPress/security/advisories/GHSA-m6j4-8r7p-wpp3
|
||||||
tags: cve,cve2021,wordpress,wp-plugin,rce
|
tags: cve,cve2021,wordpress,wp-plugin,rce
|
||||||
|
|
||||||
|
|
||||||
|
|
|
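Review bot: the line `- https://nvd.nist.gov/vuln/detail/CVE-2021-21389` is dropped from the reference block while the three BuddyPress links are added, which works against a commit titled "More references". I would keep the NVD entry alongside the new ones, and put the GHSA advisory and the 7.2.1 release notes ahead of the third-party repository link so the vendor sources come first.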
@ -5,7 +5,7 @@ info:
|
||||||
author: daffainfo
|
author: daffainfo
|
||||||
severity: medium
|
severity: medium
|
||||||
description: The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise and escape its listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value, bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameter in ints listing page, leading to reflected Cross-Site Scripting issues.
|
description: The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise and escape its listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value, bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameter in ints listing page, leading to reflected Cross-Site Scripting issues.
|
||||||
reference:
|
reference: |
|
||||||
- https://m0ze.ru/vulnerability/%5B2021-03-21%5D-%5BWordPress%5D-%5BCWE-79%5D-Bello-WordPress-Theme-v1.5.9.txt
|
- https://m0ze.ru/vulnerability/%5B2021-03-21%5D-%5BWordPress%5D-%5BCWE-79%5D-Bello-WordPress-Theme-v1.5.9.txt
|
||||||
- https://wpscan.com/vulnerability/6b5b42fd-028a-4405-b027-3266058029bb
|
- https://wpscan.com/vulnerability/6b5b42fd-028a-4405-b027-3266058029bb
|
||||||
tags: cve,cve2021,wordpress,xss,wp-plugin
|
tags: cve,cve2021,wordpress,xss,wp-plugin
|
||||||
|
|
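Review bot: the `tags:` line at the end of this hunk lists `wp-plugin`, but the description a few lines above says this is the Bello WordPress theme, so the tag misclassifies the template; since the info block is being touched anyway, use the project's theme tag if it has one. The description also reads "in ints listing page", which looks like a typo for "its". As with the other templates, `reference: |` turns the two URLs into a single block scalar string rather than a list.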