There is a Store XSS Vulnerability in WordPress plugin Markdown on Save Improved Version 2.5
post in content input the xss payload <img src=x onerror=alert(0)>
and click Toggle preview button
and visite the post can find xss
Discoverer:Funny.Wei & Lncken
CVE ID :
唔,了解到这是一个影响灰常坏的plugin了。
小表情被过滤了。
某个plugin的啊