WordPress Plugin Vulnerabilities

MSMC – Redirect After Comment - Unauthenticated XSS & CSRF

Description

The msmc-redirect-after-comment WordPress plugin was affected by an Unauthenticated XSS & CSRF security vulnerability.

Affects Plugins

Plugin icon
msmc-redirect-after-comment
No known fix

References

URL
https://advisories.dxw.com/advisories/csrf-stored-xss-in-msmc-redirect-after-comment/
URL
https://seclists.org/fulldisclosure/2017/May/26

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
0341acff-eedb-4805-8b82-aa3aaad7fcf8

Timeline

Publicly Published
2017-05-08 (about 9 years ago)
Added
2017-05-11 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2015-05-11
Title
WP Fast Cache <= 1.4 - CSRF & Cross-Site Scripting (XSS)
Published
2014-08-01
Title
WordPress <= 1.5 - Multiple Vulnerabilities (XSS, SQLi)
Published
2016-07-19
Title
Icegram <= 1.9.18 - Cross-Site Request Forgery (CSRF) & XSS
Published
2015-09-26
Title
Appointment Booking Calendar < 1.1.8 - Multiple Reflected Cross-Site Scripting (XSS) and SQL Injection
Published
2015-05-08
Title
YARPP – Yet Another Related Posts Plugin 4.2.4 - CSRF / XSS / RCE