Store XSS Vulnerability in Wordpress plugin WP Markdown Editor Version 2.0.3

There is a Store XSS Vulnerability in Wordpress plugin WP Markdown Editor Version 2.0.3


When i use Wordpress plugin WP Markdown Editor  add new post or edit post i fund a store xss vulnerability

x0.png

post in content input the xss payload <img src=x onerror=alert(0)> can find xss

x1.png


and click Toggle preview button

x2.png

 

and visite the post

x3.png


暂无评论

发布评论