Support » Plugin: Clicky by Yoast » Security Bug

  • Hello,
    I found A Stored xss Bug.

    Reproduce this bug:-

    1:- Go to Clicky Configuration
    2.Enter Xss Payload @ Site ID:
    3. save
    4.xss payload executed. it is stored xss.

    yes it require admin access but it is also a valid bug.. as Bug bounty program over internet..

    patch & notify me ASAP

    https://wordpress.org/plugins/clicky/

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Security Bug’ is closed to new replies.