mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 17:50:34 +00:00
843 B
843 B
CVE-2022-0899
&color=brighgreen)
Description
The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting.
POC
Reference
- https://wpscan.com/vulnerability/1772417a-1abb-4d97-9694-1254840defd1
- https://wpscan.com/vulnerability/1772417a-1abb-4d97-9694-1254840defd1
Github
No PoCs found on GitHub currently.