mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
910 B
910 B
CVE-2022-0423
&color=brighgreen)
Description
The 3D FlipBook WordPress plugin before 1.12.1 does not have authorisation and CSRF checks when updating its settings, and does not have any sanitisation/escaping, allowing any authenticated users, such as subscriber to put Cross-Site Scripting payloads in all pages with a 3d flipbook.
POC
Reference
Github
No PoCs found on GitHub currently.