cleantalk
Vulnerabilities and Security Researches

Powie's WHOIS Domain Check, d3dab2d8480cee7d7dee5a00bb968b4cee6c154a

CVE, Research URL

d3dab2d8480cee7d7dee5a00bb968b4cee6c154a

Home page URL

Security reports for Powie's WHOIS Domain Check

Application

Powie's WHOIS Domain Check

Published on
Jul 07, 2020
Research Description
Powie&#039;s WHOIS Domain Check [powies-whois] < 0.9.32 Power's WHOIS Domain Check <= 0.9.31 - Authenticated Stored Cross-Site Scripting The Power's WHOIS Domain Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 0.9.31 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 0.9.32.
Status
vulnerable
Previous vulnerability researches
Powie&#039;s WHOIS Domain Check (CVE-2020-37225) , May 16, 2026
Powie&#039;s WHOIS Domain Check (762efd828a5492860013f6b836d6c23b2af66b74) , Jun 06, 2024
Powie&#039;s WHOIS Domain Check (d3dab2d8480cee7d7dee5a00bb968b4cee6c154a) , Jun 16, 2026
Powie&#039;s WHOIS Domain Check (8c8a8a35-a04f-429e-8843-8201eebab421) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026