6 matches found
WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS
Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected Versions: = 3.3.9 CVE ID: CVE-2023-0968 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Marco Wotschka Fully Patched Version: 3.3.9.1 Description:...
WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS Vulnerability
WordPress plugins Watu Quiz versions 3.3.9 and below, GN Publisher versions 1.5.5 and below, and Japanized For WooCommerce versions 2.5.4 and below suffer from cross site scripting vulnerabilities. Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected...
WordPress GN Publisher Plugin <= 1.5.5 is vulnerable to Cross Site Scripting (XSS)
Software GN Publisher Type Plugin Vulnerable versions = 1.5.5 Fixed in 1.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1080 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 791c76b450de Credits Marco Wotschka Required...
CVE-2023-1080
creationtimestamp| type| source ---|---|--- 2023-02-28 16:29:25+00:00| seen| https://t.me/cibsecurity/59098...
CVE-2023-1080
The GN Publisher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2023-1080
CVE-2023-1080 relates to the WordPress GN Publisher plugin. The GN Publisher plugin is vulnerable up to version 1.5.5 to a reflected Cross‑Site Scripting (XSS) via the tab parameter due to insufficient input sanitization and output escaping. An unauthenticated attacker could cause a user’s browse...