
seo-redirection plugin up to 4.2 on WordPress Stored cross site scripting


Exploits | Direct link: vuldb.com

A vulnerability was found in seo-redirection plugin up to 4.2 on WordPress (WordPress Plugin). It has been classified as problematic. This affects an unknown function. Upgrading to version 4.3 eliminates this vulnerability....
https://vuldb.com/?id.140469


➤ More posts from Team Security | IT Security

Cast user_id to int to prevent XSS

Introducing type casting to avoid XSS. This vulnerability affects the following application versions: Yoast SEO 1.6.2 Yoast SEO 1.6.3 Yoast SEO 1.7 Yoast SEO 1.7.1

Add escaping to different admin sections to prevent XSS

Various admin sections were not properly sanitized against XSS. This vulnerability affects the following application versions: Yoast SEO 1.5.5 Yoast SEO 1.5.5.1 Yoast SEO 1.5.5.2

Add sanitation to Input variables in the bulk editor and ajax module to prevent XSS

Input variables in the bulk editor and ajax module were vulnerable to XSS. This vulnerability affects the following application versions: Yoast SEO 1.5.5 Yoast SEO 1.5.5.1 Yoast SEO 1.5.5.2

Added escaping to metabox text field to prevent XSS

Certain inputs were not properly escaped against an XSS attack. This vulnerability affects the following application versions: Yoast SEO 2.0 Yoast SEO 2.0.1 Yoast SEO 2.1 Yoas

Adding key sanitation for attributes to prevent XSS

Attributes were not properly sanitized as keys to prevent XSS. This vulnerability affects the following application versions: Yoast SEO 3.2 Yoast SEO 3.2.1 Yoast SEO 3.2.2 Yoast SEO 3.

Sitemap sanitation added to avoid XSS

The sitemap request server was not properly sanitized against XSS. This vulnerability affects the following application versions: Yoast SEO 2.2 Yoast SEO 2.2.1 Yoast SEO 2.3 Yoast SEO

Ensure latest comments can only be viewed from public posts

Issue where comments from password-protected posts and pages could be displayed under certain conditions. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 Wor

Escaping promo extension message to prevent XSS

The promo extension messages were not properly escaped which could result in an XSS attack. This vulnerability affects the following application versions: Yoast SEO 2.3 Yoast SEO 2.3.1 Yoast SEO 2.3.2

Add a new filter to extend set-screen-option

Issue where set-screen-option could be misused by plugins leading to privilege escalation. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7

Prevent HTML decoding on by setting the proper editor context

XSS issue where authenticated users with low privileges were able to add JavaScript to posts in the block editor. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 Wor

Ensure that wp_validate_redirect() sanitizes a wider variety of characters

Open redirect issue in wp_validate_redirect(). This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7 WordPress 3.7.1

Added escaping to admin views to avoid XSS

A range of elements were not properly escaped against a possible XSS attack. This vulnerability affects the following application versions: Yoast SEO 3.2 Yoast SEO 3.2.1 Yoast SEO 3.2.2
