漏洞标题
LearnPress – WordPress LMS Plugin <= 4.1.3.1 Authenticated Stored Cross-Site Scripting
漏洞描述信息
LearnPress - WordPress LMS 插件 <= 4.1.3.1 验证过的存储型跨站脚本漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
LearnPress – WordPress LMS Plugin <= 4.1.3.1 Authenticated Stored Cross-Site Scripting
漏洞描述信息
The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is seperate from CVE-2021-24702.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
漏洞类别
Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)
漏洞标题
WordPress plugin LearnPress 跨站脚本漏洞
漏洞描述信息
WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress plugin LearnPress 存在跨站脚本漏洞,该漏洞源于 ~/inc/admin/views/backend-user-profile.php 文件中的 $custom_profile 参数转义不足。该参数允许具有管理用户访问权限的攻击者注入任意Web 脚本。
CVSS信息
N/A
漏洞类别
跨站脚本