Lucene search
PRIOn knowledge basePRION:CVE-2023-6941HistoryJan 15, 2024 - 4:15 p.m.
Cross site scripting
2024-01-1516:15:00
PRIOn knowledge base
www.prio-n.com
7
keap official opt-in forms
wordpress plugin
stored cross-site scripting
high privilege users
multisite setup
The Keap Official Opt-in Forms WordPress plugin through 1.0.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).
| CPE | Name | Operator | Version |
|---|---|---|---|
| official_opt-in_forms | le | 1.0.11 |
Related
cve
cve
CVE-2023-6941
2024-01-15 16:15:12
wpexploit
wpexploit
Keap Official Opt-in Forms <= 1.0.11 - Admin+ Stored XSS
2023-12-21 00:00:00
wpvulndb
wpvulndb
Keap Official Opt-in Forms <= 1.0.11 - Admin+ Stored XSS
2023-12-21 00:00:00
cvelist
cvelist
CVE-2023-6941 Keap Official Opt-in Forms <= 1.0.11 - Admin+ Stored XSS
2024-01-15 15:10:38
nvd
nvd
CVE-2023-6941
2024-01-15 16:15:12