AttackFeed by Joe Wagner | Stored XSS "Create Page" Functionality - seotoasterv2.5.0  - Full Disclosure

Stored XSS “Create Page” Functionality – seotoasterv2.5.0  – Full Disclosure

Posted on By Joe-W
Alert Feeds

 

Posted by Andrey Stoykov on Jul 29

# Exploit Title: Stored XSS “Create Page” Functionality – seotoasterv2.5.0
# Date: 07/2025
# Exploit Author: Andrey Stoykov
# Version: 2.5.0
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

Stored XSS “Create Page” Functionality #1:

Steps to Reproduce

1. Login with admin and visit “Pages” > “Create a Page”
2. In the “Meta Description” add the following payload…
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery  – Full Disclosure
July 9, 2025
Alert Feeds
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)  – Full Disclosure
October 15, 2025
Alert Feeds
Multi-Protocol Traceroute  – Full Disclosure
August 18, 2025
Alert Feeds
Defense in depth — the Microsoft way (part 91): yet another 30 year old bug of the “Properties” shell extension  – Full Disclosure
August 4, 2025
AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.