hash3liZer - Security Researcher - Exploit Intelligence Platform

CVE-2019-9978 NOMISEC MEDIUM WORKING POC

Social Warfare and Social Warfare Pro < 3.5.3 - Stored Cross-Site Scripting via swp_debug Parameter

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.

22 stars

CVSS 6.1

View Code

CVE-2019-9978 NOMISEC MEDIUM WORKING POC

Social Warfare and Social Warfare Pro < 3.5.3 - Stored Cross-Site Scripting via swp_debug Parameter

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.

1 stars

CVSS 6.1

View Code

CVE-2019-9978 EXPLOITDB MEDIUM python WORKING POC

Social Warfare and Social Warfare Pro < 3.5.3 - Stored Cross-Site Scripting via swp_debug Parameter

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.

CVSS 6.1

View Code

CVE-2019-9978 EXPLOITDB MEDIUM python WORKING POC

Social Warfare and Social Warfare Pro < 3.5.3 - Stored Cross-Site Scripting via swp_debug Parameter

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.

CVSS 6.1

View Code