CVEs-PoC/2021/CVE-2021-24351.md at 52f3262c8d52545fc4e20c2a38454fc446c51385

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-26 05:17:47 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

The theplus_more_post AJAX action of The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.12 did not properly sanitise some of its fields, leading to a reflected Cross-Site Scripting (exploitable on both unauthenticated and authenticated users)

POC

Reference

https://wpscan.com/vulnerability/2ee62f85-7aea-4b7d-8b2d-5d86d9fb8016
https://wpscan.com/vulnerability/2ee62f85-7aea-4b7d-8b2d-5d86d9fb8016

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/JoshMorrison99/my-nuceli-templates

994 B Raw Blame History

CVE-2021-24351

Description

POC

Reference

Github

994 B

Raw Blame History