CVEs-PoC/2022/CVE-2022-0200.md at dc3bd6cd71a486f862e7cf4da52fce4cfeb10e52

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 22:35:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the num_of_pages parameter before outputting it back the response of the themify_create_popup_page_pagination AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting

POC

Reference

https://wpscan.com/vulnerability/bbc0b812-7b30-4ab4-bac8-27c706b3f146

Github

https://github.com/ARPSyndicate/cvemon

857 B Raw Blame History

CVE-2022-0200

Description

POC

Reference

Github

857 B

Raw Blame History