Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbHSASecWPVDB-ID:57A6C672-905B-4931-9C04-26965A56A189
HistoryJun 30, 2015 - 12:00 a.m.

NewStatPress <= 1.0.3 - Unauthenticated Stored Cross-Site Scripting (XSS)

2015-06-3000:00:00
HSASec
wpscan.com
7

EPSS

0.001

Percentile

33.8%

JSON

An insufficient user input validation (of HTTP-Header: “Referer”) results in a persistent XSS in the WordPress admin-panel. An attacker may be able to access any cookies, session tokens or other sensitive information retained by the browser and used with that site.

Related

openvas 1
cvelist 1
nvd 1
cve 1
prion 1
openvas
openvas
WordPress NewStatPress Plugin < 1.0.4 XSS Vulnerability
2019-08-27 00:00:00
cvelist
cvelist
CVE-2015-9314
2019-08-14 14:52:46
nvd
nvd
CVE-2015-9314
2019-08-14 15:15:11
cve
cve
CVE-2015-9314
2019-08-14 15:15:11
prion
prion
Cross site request forgery (csrf)
2019-08-14 15:15:00

EPSS

0.001

Percentile

33.8%

JSON
Related for WPVDB-ID:57A6C672-905B-4931-9C04-26965A56A189
openvas1cvelist1nvd1cve1prion1