Lucene search
K

4 matches found

Patchstack
Patchstack
added 2023/01/06 12:0 a.m.10 views

WordPress Swifty Page Manager Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Swifty Page Manager Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0087 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 783dea52e7e8 Credits Marco Wotschka Require...

5.5CVSS6AI score0.00647EPSS
Exploits1References2Affected Software1
Circl
Circl
added 2023/01/05 10:19 p.m.7 views

CVE-2023-0087

creationtimestamp| type| source ---|---|--- 2023-01-05 22:19:13+00:00| seen| https://t.me/cibsecurity/56000...

5.5CVSS4.9AI score0.00647EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/01/05 6:13 p.m.26 views

CVE-2023-0087 Swifty Page Manager <= 3.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘spmpluginoptionspagetreemaxwidth’ parameter in versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...

5.5CVSS5.3AI score0.00647EPSS
Exploits1References2
CVE
CVE
added 2023/01/05 6:13 p.m.42 views

CVE-2023-0087

The CVE-2023-0087 issue affects the WordPress Swifty Page Manager plugin up to version 3.0.1. It is caused by insufficient input sanitization and output escaping in the spm_plugin_options_page_tree_max_width parameter, enabling stored XSS. Impact requires administrator-level access to inject scri...

5.5CVSS4.7AI score0.00647EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder