Lucene search
WPScanCVELIST:CVE-2023-2399HistoryJun 19, 2023 - 10:52 a.m.
CVE-2023-2399 qubotchat < 1.1.6 - Unauthenticated Stored XSS
2023-06-1910:52:51
WPScan
www.cve.org
cve-2023-2399
qubot
wordpress
plugin
user input
chat
bad code
reflected
dashboard
0.001 Low
EPSS
Percentile
23.0%
The QuBot WordPress plugin before 1.1.6 doesn’t filter user input on chat, leading to bad code inserted on it be reflected on the user dashboard.
CNA Affected
[
{
"vendor": "Unknown",
"product": "QuBot",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "1.1.6"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
cve
cve
CVE-2023-2399
2023-06-19 11:15:10
wpexploit
wpexploit
qubotchat < 1.1.6 - Unauthenticated Stored XSS
2023-05-22 00:00:00
wpvulndb
wpvulndb
qubotchat < 1.1.6 - Unauthenticated Stored XSS
2023-05-22 00:00:00
prion
prion
Input validation
2023-06-19 11:15:00
nvd
nvd
CVE-2023-2399
2023-06-19 11:15:10