Description
Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Landing Pages SQL Injection (1.2.1)
Drupal Core 9.0.x Multiple Cross-Site Scripting Vulnerabilities (9.0.0 - 9.0.5)
phpMyFAQ Incorrect Authorization Vulnerability (CVE-2024-22208)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6098)
WordPress Plugin Simple Backup Arbitrary File Download (2.7.10)