Stored XSS On Wordpress Infogram plugin
Medium
Vulnerability Details
Hello Team,
There is a Stored XSS Vulnerability On Wordpress Infogram plugin.
**Wordpress version : 4.5**
**Infogram plugin version : 1.5.1**
After installing wordpress and infogram plugin.
I created a project to infogram with the following name **"><img src=x onerror=prompt(0);>** and I Created a simple report.
Then I go back to my wordpress site to add an infogram graphic using **Add from infogram** Button.
a window opens with a pop up.
Best regards,
Actions
View on HackerOneReport Stats
- Report ID: 287688
- State: Closed
- Substate: resolved
- Upvotes: 6