Lucene search

CVE-2023-6487

🗓️ 22 May 2024 08:08:15Reported by [email protected]Type

The LuckyWP Table of Contents plugin for WordPress has a Stored Cross-Site Scripting vulnerability in the 'Header Title' field up to version 2.1.

Reporter	Title	Published	Views	Family All 6
Vulnrichment	CVE-2023-6487 LuckyWP Table of Contents <= 2.1.4 - Authenticated(Administrator+) Cross-Site Scripting	22 May 202407:37	–	vulnrichment
CVE	CVE-2023-6487	22 May 202408:15	–	cve
Cvelist	CVE-2023-6487 LuckyWP Table of Contents <= 2.1.4 - Authenticated(Administrator+) Cross-Site Scripting	22 May 202407:37	–	cvelist
Patchstack	WordPress LuckyWP Table of Contents Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)	23 May 202400:00	–	patchstack
WPVulnDB	LuckyWP Table of Contents <= 2.1.4 - Authenticated(Administrator+) Cross-Site Scripting	21 May 202400:00	–	wpvulndb
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024)	30 May 202415:23	–	wordfence

Source	Link
wordpress	www.wordpress.org/plugins/luckywp-table-of-contents/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/88075c15-079f-4de2-8e15-374eb7b8c77b

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 May 2024 08:15Current

4.7Medium risk

Vulners AI Score4.7

CVSS34.4

EPSS0.00043