Lucene search
K

5 matches found

NVD
NVD
added 2023/09/06 9:15 a.m.14 views

CVE-2023-40328

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Carrrot plugin = 1.1.0 versions...

5.9CVSS5.4AI score0.00316EPSS
Exploits0References1
OSV
OSV
added 2023/09/06 9:15 a.m.2 views

CVE-2023-40328

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Carrrot plugin = 1.1.0 versions...

4.8CVSS7.3AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2023/09/06 8:26 a.m.30 views

CVE-2023-40328

The CVE-2023-40328 entry concerns Carrrot WordPress plugin versions ≤ 1.1.0, with an authenticated admin+ Stored XSS vulnerability. Root cause: improper handling/escaping of parameters that allows stored XSS when an admin+ user loads the affected page. Impact is described as cross-site scripting ...

5.9CVSS5.1AI score0.00316EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/06 8:26 a.m.17 views

CVE-2023-40328 WordPress Carrot Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Carrrot plugin = 1.1.0 versions...

5.9CVSS5.5AI score0.00316EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/08/16 12:0 a.m.11 views

WordPress Carrot Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Carrot Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40328 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4994efcb84ef Credits Prasanna V Balaji Required privile...

5.9CVSS5.7AI score0.00316EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder