Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:24 a.m.8 views

CVE-2023-52125

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly iframe allows Stored XSS.This issue affects iframe: from n/a through 4.8...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2024/01/05 11:13 a.m.60 views

CVE-2023-52125

CVE-2023-52125 refers to a stored XSS vulnerability in the WordPress iframe plugin, exploitable via the iframe shortcode’s srcdoc handling. The issue is described as an authenticated Stored Cross-Site Scripting vulnerability (via srcdoc) affecting iframe users up to version 4.8, with a patch indi...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/05 11:13 a.m.39 views

CVE-2023-52125 WordPress iFrame Plugin <= 4.8 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly iframe allows Stored XSS.This issue affects iframe: from n/a through 4.8...

6.5CVSS6.6AI score0.00328EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/12/28 12:0 a.m.17 views

WordPress iFrame Plugin <= 4.8 is vulnerable to Cross Site Scripting (XSS)

Software iFrame Type Plugin Vulnerable versions = 4.8 Fixed in 4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-52125 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID eecbc6285d96 Credits LVT-tholv2k Required privilege Contributor Publishe...

6.5CVSS6.6AI score0.00328EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder