Lucene search
K

4 matches found

Circl
Circl
added 2023/04/17 4:42 p.m.8 views

CVE-2023-0374

creationtimestamp| type| source ---|---|--- 2023-04-17 16:42:07+00:00| seen| https://t.me/cibsecurity/62290...

5.4CVSS6.7AI score0.00444EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/04/17 12:17 p.m.27 views

CVE-2023-0374 W4 Post List < 2.4.6 - Contributor+ Stored XSS

The W4 Post List WordPress plugin before 2.4.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00444EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/04/17 12:17 p.m.4 views

CVE-2023-0374 W4 Post List < 2.4.6 - Contributor+ Stored XSS

The W4 Post List WordPress plugin before 2.4.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.3AI score0.00444EPSS
Exploits2References1
CVE
CVE
added 2023/04/17 12:17 p.m.73 views

CVE-2023-0374

CVE-2023-0374 affects the W4 Post List WordPress plugin prior to version 2.4.6. The vulnerability arises from insufficient validation/escaping of block options before output in a page/post where the block is embedded, enabling Stored XSS by users with Contributor+ privileges. Public details from ...

5.4CVSS5.5AI score0.00444EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder