5 matches found
CVE-2023-2333
creationtimestamp| type| source ---|---|--- 2023-08-02 00:47:47+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4843...
CVE-2023-2333 Ninja Forms Google Sheet Connector < 1.2.7 - Reflected XSS
The Ninja Forms Google Sheet Connector WordPress plugin before 1.2.7, gsheetconnector-ninja-forms-pro WordPress plugin through 1.2.7 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users...
CVE-2023-2333 Ninja Forms Google Sheet Connector < 1.2.7 - Reflected XSS
The Ninja Forms Google Sheet Connector WordPress plugin before 1.2.7, gsheetconnector-ninja-forms-pro WordPress plugin through 1.2.7 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users...
CVE-2023-2333
The Ninja Forms Google Sheet Connector (and gsheetconnector-ninja-forms-pro) in WordPress is affected by CVE-2023-2333. The flaw arises because the plugin does not escape a parameter before echoing it into an HTML attribute, enabling a Reflected Cross‑Site Scripting vulnerability. Affected versio...
WordPress Ninja Forms Google Sheet Connector Plugin < 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Ninja Forms Google Sheet Connector Type Plugin Vulnerable versions 1.2.7 Fixed in 1.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2333 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 3ac3c4160a9a Credits Erwan...