cve/CVE-2016-1564.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php.

POC

Reference

https://wpvulndb.com/vulnerabilities/8358
https://wpvulndb.com/vulnerabilities/8358

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Afetter618/WordPress-PenTest
https://github.com/breindy/Week7-WordPress-Pentesting
https://github.com/dog23/week-7
https://github.com/jxmesito/WordPress-vs.-Kali
https://github.com/krs2070/WordPressVsKaliProject
https://github.com/lindaerin/wordpress-pentesting
https://github.com/njulia2/CS4984
https://github.com/sunnyl66/CyberSecurity
https://github.com/timashana/WordPress-Pentesting
https://github.com/yifengjin89/Web-Security-Weeks-7-8-Project-WordPress-vs.-Kali

1.2 KiB Raw Blame History

CVE-2016-1564

Description

POC

Reference

Github

1.2 KiB

Raw Blame History