Park Won Seok

3 exploits Active since Jun 2026
CVE-2021-47983 EXPLOITDB MEDIUM text WORKING POC
WordPress Plugin Stripe Payments 2.0.39 Stored XSS via currency_code
WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settings[currency_code] parameter. Attackers can submit POST requests to /wp-admin/options.php with script payloads in the currency_code field to execute arbitrary JavaScript in administrator browsers when settings are viewed.
CVSS 6.4
CVE-2021-47982 EXPLOITDB MEDIUM text WORKING POC
WordPress Plugin WP-Paginate 2.1.3 Stored XSS via preset
WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter that are stored and executed when administrators view the settings.
CVSS 6.4
EIP-2026-114260 EXPLOITDB text WORKING POC
WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting