Store XSS Vulnerability in WordPress plugin Editor.MD Version 1.6

There is a Store XSS Vulnerability in WordPress plugin Editor.MD Version 1.6

post in content input the xss payload<img src=x onerror=alert(0)> can find xss.


and visite the post .

Discoverer:Funny.Wei  &  Lncken

CVE-ID:

CVE-2017-9336

2 Comments.

  1. SB17-156: Vulnerability Summary for the Week of May 29, 2017 – Opsfolio /

    […] CVE-2017-9336MISC […]

  2. alice /

    一天两个,高产出哦

Reply