CVEs-PoC/2016/CVE-2016-10952.md

CVE-2016-10952

Description

The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.

POC

Reference

• https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_quotes_collection_wordpress_plugin.html
• https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_quotes_collection_wordpress_plugin.html
• https://wpvulndb.com/vulnerabilities/8649
• https://wpvulndb.com/vulnerabilities/8649

Github

• https://github.com/ARPSyndicate/cvemon