mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
840 B
840 B
CVE-2023-5167
&color=brighgreen)
Description
The User Activity Log Pro WordPress plugin before 2.3.4 does not properly escape recorded User-Agents in the user activity logs dashboard, which may allow visitors to conduct Stored Cross-Site Scripting attacks.
POC
Reference
- https://wpscan.com/vulnerability/78ea6fe0-5fac-4923-949c-023c85fe2437
- https://wpscan.com/vulnerability/78ea6fe0-5fac-4923-949c-023c85fe2437
Github
No PoCs found on GitHub currently.