
6 matches found

RedhatCVE
added 2025/05/23 5:40 a.m., 7 views

CVE-2023-0212

The Advanced Recent Posts WordPress plugin through 0.6.14 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

CVSS 5.4 | AI score 5.5 | EPSS 0.00471
Exploits 2 | References 1
Circl
added 2023/03/06 4:12 p.m., 5 views

CVE-2023-0212

creationtimestamp | type | source
---|---|---
2023-03-06 16:12:51+00:00 | seen | https://t.me/cibsecurity/59477
2025-03-08 04:34:10+00:00 | seen | Telegram/SAsgFKMlXhfG1zoDDCzbRrGKILsf3kl1bMbdwSMNbPXvkgQ1...

CVSS 5.4 | AI score 5.5 | EPSS 0.00471
Exploits 2 | References 1
CVE
added 2023/03/06 1:34 p.m., 55 views

CVE-2023-0212

CVE-2023-0212 affects the Advanced Recent Posts WordPress plugin (versions 0.6.14 and earlier). The issue is that certain shortcode attributes are not validated or escaped before being output in posts/pages, enabling stored XSS if a user with contributor privileges or higher views the page. The v...

CVSS 5.4 | AI score 5.3 | EPSS 0.00471
Exploits 2 | References 1 | Affected Software 1
Cvelist
added 2023/03/06 1:34 p.m., 22 views

CVE-2023-0212 Advanced Recent Posts <= 0.6.14 - Contributor+ Stored XSS

The Advanced Recent Posts WordPress plugin through 0.6.14 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

AI score 5.5 | EPSS 0.00471
Exploits 2 | References 1
Patchstack
added 2023/03/03 12:0 a.m., 11 views

WordPress Advanced Recent Posts Plugin <= 0.6.14 is vulnerable to Cross Site Scripting (XSS)

Software: Advanced Recent Posts
Type: Plugin
Vulnerable versions: <= 0.6.14
Fixed in: N/A
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2023-0212
Patch priority: Medium
CVSS severity: Medium 6.5
Developer: Claim ownership
PSID: 40ae855e2918
Credits: Lana Codes...

CVSS 5.4 | AI score 5.9 | EPSS 0.00471
Exploits 2 | References 3 | Affected Software 1
Tenable Nessus
added 2023/02/16 12:0 a.m., 28 views

Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0212)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0212 advisory. - In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway SSG...

CVSS 5.4 | AI score 5.1 | EPSS 0.00203
Exploits 0 | References 2