mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 15:15:46 +02:00
0xMarcio
2.1 KiB
2.1 KiB
CVE-2020-13487
Description
The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI.
POC
Reference
Github
- https://github.com/0xsaju/Awesome-Bugbounty-Writeups
- https://github.com/302Found1/Awesome-Writeups
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles
- https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups
- https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups
- https://github.com/Prodrious/writeups
- https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups
- https://github.com/SunDance29/for-learning
- https://github.com/TheBountyBox/Awesome-Writeups
- https://github.com/abuzafarhaqq/bugBounty
- https://github.com/ajino2k/Awesome-Bugbounty-Writeups
- https://github.com/alexbieber/Bug_Bounty_writeups
- https://github.com/blitz-cmd/Bugbounty-writeups
- https://github.com/bot8080/awesomeBugbounty
- https://github.com/bugrider/devanshbatham-repo
- https://github.com/choudharyrajritu1/Bug_Bounty-POC
- https://github.com/cybershadowvps/Awesome-Bugbounty-Writeups
- https://github.com/dalersinghmti/writeups
- https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
- https://github.com/dipesh259/Writeups
- https://github.com/ducducuc111/Awesome-Bugbounty-Writeups
- https://github.com/kurrishashi/Awesome-Bugbounty-Writeups
- https://github.com/piyushimself/Bugbounty_Writeups
- https://github.com/plancoo/Bugbounty_Writeups
- https://github.com/sreechws/Bou_Bounty_Writeups
- https://github.com/webexplo1t/BugBounty