4 matches found
CVE-2023-50905
creationtimestamp| type| source ---|---|--- 2024-02-29 06:57:52+00:00| seen| Telegram/W9PJnvrwy8CsFFuM9mweKEHzwZSHVTfBsUbSx10chmudNBV4 2024-02-29 07:21:55+00:00| seen| https://t.me/ctinow/196268 2024-02-29 07:26:32+00:00| seen| https://t.me/ctinow/196285...
CVE-2023-50905
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log allows Stored XSS.This issue affects WP Activity Log: from n/a through 4.6.1...
CVE-2023-50905
CVE-2023-50905 is a stored XSS in the WordPress plugin WP Activity Log (Melapress) affecting versions up to 4.6.1. The root cause is improper neutralization of input during web page generation. Consequences include stored JavaScript execution if an attacker injects payload into the vulnerable fie...
WordPress WP Activity Log Plugin <= 4.6.1 is vulnerable to Cross Site Scripting (XSS)
Software WP Activity Log Type Plugin Vulnerable versions = 4.6.1 Fixed in 4.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50905 Patch priority Medium CVSS severity Medium 7.1 Developer Melapress PSID 69f398753cfe Credits NamGyu Kang Required privilege...