1337day-Exploits Posted July 29, 2022 Share Posted July 29, 2022 Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tp_tp" that is vulnerable to an unauthenticated/authenticated reflected cross site scripting vulnerability when user-supplied input to the HTTP GET parameter "q" is processed by the web application. Since the application does not properly validate and sanitize this parameter, it is possible to place arbitrary script code onto the same page. This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
.png.e337492d02c345db2116506bc63cff1d.png.0dc0909174d6ced1d5ff3c1bbf051030.png)
.png.e337492d02c345db2116506bc63cff1d.png)
Hack Tools Resurrection
1337day-Exploits
Recommended Posts