4 matches found
CVE-2023-0548
creationtimestamp| type| source ---|---|--- 2025-03-10 19:39:13+00:00| seen| Telegram/4UKnw2uSlMGeRijGoXOQb4KV1bJmreY1hqniR4BFXk7AUp...
WordPress Namaste! LMS Plugin < 2.5.9.4 is vulnerable to Cross Site Scripting (XSS)
Software Namaste! LMS Type Plugin Vulnerable versions 2.5.9.4 Fixed in 2.5.9.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0548 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2cc963427a7a Credits Felipe Restrepo Rodriguez...
CVE-2023-0548
The Namaste! LMS WordPress plugin is affected in versions before 2.5.9.4. The issue arises because the plugin does not fully sanitize/escape certain settings, enabling Stored XSS for high-privilege users (e.g., Administrators) even when unfiltered_html is disallowed (including multisite setups). ...
CVE-2023-0548 Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS
The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...