Lucene search
PRIOn knowledge basePRION:CVE-2023-2489HistoryJun 05, 2023 - 2:15 p.m.
Cross site scripting
2023-06-0514:15:00
PRIOn knowledge base
www.prio-n.com
2
stop spammers security
cross-site scripting
stored attacks
unfiltered html
high privilege users
wordpress
multisite.
0.001 Low
EPSS
Percentile
23.7%
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
| CPE | Name | Operator | Version |
|---|---|---|---|
| stop_spammers | lt | 2023 |
Related
wpvulndb
wpvulndb
Stop Spammers Security < 2023 - Admin+ Stored XSS
2023-05-15 00:00:00
wpexploit
wpexploit
Stop Spammers Security < 2023 - Admin+ Stored XSS
2023-05-15 00:00:00
cve
cve
CVE-2023-2489
2023-06-05 14:15:10
cvelist
cvelist
CVE-2023-2489 Stop Spammers Security < 2023 - Admin+ Stored XSS
2023-06-05 13:38:59
nvd
nvd
CVE-2023-2489
2023-06-05 14:15:10
wordfence
wordfence