{"id":7716,"date":"2021-12-02T19:07:25","date_gmt":"2021-12-03T02:07:25","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&#038;p=7716"},"modified":"2023-02-22T12:36:24","modified_gmt":"2023-02-22T19:36:24","slug":"cve-2021-33851-stored-cross-site-scripting-in-wordpress-customize-login-image","status":"publish","type":"zerodays","link":"https:\/\/10.42.32.162\/zerodays\/cve-2021-33851-stored-cross-site-scripting-in-wordpress-customize-login-image\/","title":{"rendered":"CVE-2021-33851 &#8211; Stored Cross-Site Scripting in WordPress Customize Login Image"},"content":{"rendered":"<p>A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user\u2019s browser while the browser is connected to a trusted website. The attack targets your application&#8217;s users and not the application itself while using your application as the attack&#8217;s vehicle. The XSS payload executes whenever the user opens the login page of the WordPress application.<\/p>\n","protected":false},"featured_media":12151,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7716"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":8,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7716\/revisions"}],"predecessor-version":[{"id":14810,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7716\/revisions\/14810"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/12151"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=7716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}