CVE-2011-5107
NUCLEIAlert Before Your Post < 0.1.1 - Cross-Site Scripting via Name Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-5107. PoCs published by Am!r. A Nuclei detection template is also available.
AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in the Alert Before Your Post WordPress plugin. It fails to sanitize user input in the 'name' parameter, allowing arbitrary script execution in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in post_alert.php in Alert Before Your Post plugin, possibly 0.1.1 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter.
Exploits (1)
The exploit describes a cross-site scripting (XSS) vulnerability in the Alert Before Your Post WordPress plugin. It fails to sanitize user input in the 'name' parameter, allowing arbitrary script execution in the context of the affected site.