top of page
Sentence 12
The Jannah WordPress theme before 5.4.5 did not properly sanitize the 'query' POST parameter in its tie_ajax_search AJAX action, leading to a Reflected Cross-site Scripting (XSS) vulnerability.
Actual
Tags:
-
Exploit mechanism: Cross-site Scripting (XSS)
-
Exploit objective: None
-
Attack pathway: 'query' POST parameter
Predicted
Tags:
-
Exploit mechanism: Reflected Cross-site Scripting (XSS)
-
Exploit objective: execute arbitrary JavaScript code
-
Attack pathway: 'query' POST parameter in its tie_ajax_search AJAX action
bottom of page