Store XSS Vulnerability in Wordpress plugin Editor.MD Version 1.6

There is a Store XSS Vulnerability in Wordpress plugin Editor.MD Version 1.6

post in content input the xss payload<img src=x onerror=alert(0)> can find xss.


and visite the post .

Discoverer:Funny.Wei  &  Lncken

CVE-ID:

CVE-2017-9336

One Comment

  1. alice /

    一天两个,高产出哦

Reply