• Stars: 2
• Created over 2 years ago
• Updated over 2 years ago

Repository Details

WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields

More Repositories

1

Automate-Telegram

Simple Python program to execute terminal commands directly from Telegram chats.
Python
40
star
2

Your-First-Contribution

You may learn how to make successful pull requests and get your first valid open source contribution by using this repository.
C++
26
star
3

Dutch-Government-Scopes

https://english.ncsc.nl/contact/reporting-a-vulnerability-cvd
20
star
4

30-Days-of-PHP-source-code-analysis

30 Days of PHP source code analysis
14
star
5

PassEnum

Enumerate most common password patterns with custom keyword.
CSS
10
star
6

Udemy-Auto-Enroller

Input a list of free Udemy courses and let Python enroll in them for you.
Python
7
star
7

OSCP-Like-Machines

https://blog.veshraj.info.np/
5
star
8

CVE-2022-1597

The plugin, used as a companion for the Discy and Himer themes, does not sanitise and escape a parameter on its reset password form, which makes it possible to perform Reflected Cross-Site Scripting attacks.
4
star
9

Port-Scanner

Simple Port Scanner By newbie :)
Python
4
star
10

SocialTimeOut

Have a break from social life
Shell
3
star
11

veshraj.github.io

Assignments
CSS
3
star
12

PhpLearning

PHP
2
star
13

VeshSite

SCSS
2
star
14

CVE-2021-24545

The plugin does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visits a post in the frontend made by such a user. As a result, a user with a role as low as author could perform Cross-Site Scripting attacks against users, which could potentially lead to privilege escalation when an admin views the related post/s.
2
star
15

C-Programming-Tutorials

1
star
16

CVE-2022-1598

WPQA < 5.5 - Unauthenticated Private Message Disclosure
1
star
17

SATechnicalOnboarding

HTML
1
star
18

V35HR4J

Hi, nice to see you here!
1
star
19

RandomAPIs

Python
1
star
20

reviewing-a-pull-request

HTML
1
star
21

CVE-2021-24563

The plugin does not prevent HTML files from being uploaded via its form, allowing an unauthenticated user to upload a malicious HTML file containing JavaScript, for example, which will be triggered when someone accesses the file directly.
1
star
22

Searchor-2.4.1-RCE

searchor is a ⚡️ Quick and easy search engine queries. Affected versions of this package are vulnerable to Arbitrary Code Execution due to unsafe implementation of eval method.
Python
1
star