Lucene search

CVE-2023-0034

🗓️ 13 Feb 2023 15:20:15Reported by [email protected]Type

The JetWidgets plugin before 1.0.14 in WordPress does not validate and escape some shortcode attributes, leading to Stored Cross-Site Scripting attack

Reporter	Title	Published	Views	Family All 7
Vulnrichment	CVE-2023-0034 JetWidgets For Elementor < 1.0.14 - Contributor+ Stored XSS via Shortcode	13 Feb 202314:32	–	vulnrichment
Cvelist	CVE-2023-0034 JetWidgets For Elementor < 1.0.14 - Contributor+ Stored XSS via Shortcode	13 Feb 202314:32	–	cvelist
WPVulnDB	JetWidgets For Elementor < 1.0.14 - Contributor+ Stored XSS via Shortcode	21 Dec 202200:00	–	wpvulndb
wpexploit	JetWidgets For Elementor < 1.0.14 - Contributor+ Stored XSS via Shortcode	21 Dec 202200:00	–	wpexploit
Prion	Cross site scripting	13 Feb 202315:15	–	prion
CVE	CVE-2023-0034	13 Feb 202315:15	–	cve
Patchstack	WordPress JetWidgets For Elementor Plugin <= 1.0.13 is vulnerable to Cross Site Scripting (XSS)	19 Jan 202300:00	–	patchstack

Nvd

Node

crocoblock jetwidgets_for_elementorRange≤1.0.13wordpress

Source	Link
wpscan	www.wpscan.com/vulnerability/ffbdb8a1-19c3-45e9-81b0-ad47a0791c4a

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Feb 2023 15:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS35.4

EPSS0.00275