Lucene search

CVE-2023-25064

🗓️ 20 Mar 2023 11:11:15Reported by PatchstackType

Matteo Candura WP htpasswd plugin XSS vulnerability

Reporter	Title	Published	Views	Family All 7
Patchstack	WordPress WP htpasswd Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)	2 Feb 202300:00	–	patchstack
NVD	CVE-2023-25064	20 Mar 202311:15	–	nvd
Vulnrichment	CVE-2023-25064 WordPress WP htpasswd Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)	20 Mar 202310:40	–	vulnrichment
WPVulnDB	WP htpasswd <= 1.7 - Admin+ Stored XSS	2 Feb 202300:00	–	wpvulndb
Cvelist	CVE-2023-25064 WordPress WP htpasswd Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)	20 Mar 202310:40	–	cvelist
Prion	Cross site scripting	20 Mar 202311:15	–	prion
Wordfence Blog	Wordfence Intelligence CE Weekly Vulnerability Report (1-30-2023 to 2-5-2023)	9 Feb 202315:31	–	wordfence

Nvd

Vulners

Node

wp_htpasswd_project wp_htpasswdRange≤1.7wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-htpasswd",
    "product": "WP htpasswd",
    "vendor": "Matteo Candura",
    "versions": [
      {
        "lessThanOrEqual": "1.7",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/wp-htpasswd/wordpress-wp-htpasswd-plugin-1-7-cross-site-scripting-xss

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Mar 2023 11:15Current

4.9Medium risk

Vulners AI Score4.9

CVSS34.8 - 5.9

EPSS0.0005

SSVC

CWE-79

cve-2023-25064 auth admin+stored xss cross-site scripting matteo candura wp htpasswd plugin nvd