Self-reflected XSS in WordPress DirectoriesPro 1.3.45 plugin disclosure.

Posted by Jack Misiura via Fulldisclosure on Dec 11

Title: Self-reflected XSS

Product: WordPress DirectoriesPro Plugin by SabaiApps

Vendor Homepage: https://directoriespro.com/

Vulnerable Version: 1.3.45

Fixed Version: 1.3.46

CVE Number: CVE-2020-29304

Author: Jack Misiura from The Missing Link

Website: https://www.themissinglink.com.au

Timeline:

2020-11-26 Disclosed to Vendor

2020-11-27 Vendor releases patched version

2020-12-07 Fix confirmed

2020-12-10 Publication

1. Vulnerability…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source