cve/CVE-2015-6535.md at 88e5fb8579a05a745ee9298121063720b1e1feba

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed plugin before 3.3.3 for WordPress allows remote administrators to inject arbitrary web script or HTML via the Profile name field (youtube_embed_name parameter).

POC

Reference

http://packetstormsecurity.com/files/133340/WordPress-YouTube-Embed-3.3.2-Cross-Site-Scripting.html
https://wpvulndb.com/vulnerabilities/8163

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/DarrylJB/codepath_week78
https://github.com/breindy/Week7-WordPress-Pentesting
https://github.com/innabaryanova/WordPress-Pentesting
https://github.com/lindaerin/wordpress-pentesting
https://github.com/timashana/WordPress-Pentesting
https://github.com/yifengjin89/Web-Security-Weeks-7-8-Project-WordPress-vs.-Kali

1.1 KiB Raw Blame History

CVE-2015-6535

Description

POC

Reference

Github

1.1 KiB

Raw Blame History