CVE-2021-24367 – WP Config File Editor <= 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24367
The WP Config File Editor WordPress plugin through 1.7.1 was affected by an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. El plugin de WordPress WP Config File Editor versiones hasta 1.7.1, estaba afectado por una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenada y Autenticada • https://wpscan.com/vulnerability/f35b7c8f-cfb6-42b6-8a3a-8c07cd1e9da0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-9336
https://notcve.org/view.php?id=CVE-2017-9336
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post. El plugin WP Editor.MD versión 1.6 para WordPress, tiene una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en el contenido de un mensaje. • http://lncken.cn/?p=258 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-10877 – WP Editor <= 1.2.6.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-10877
The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues. El plugin wp-editor anterior a la versión 1.2.6.3 para WordPress tiene múltiples problemas de XSS. • https://wordpress.org/plugins/wp-editor/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •