Lucene search
K

6 matches found

Circl
Circl
added 2023/10/31 5:21 p.m.5 views

CVE-2023-5229

creationtimestamp| type| source ---|---|--- 2023-10-31 17:21:14+00:00| seen| https://t.me/cibsecurity/73242...

4.8CVSS4.9AI score0.00402EPSS
Exploits2References1
OSV
OSV
added 2023/10/31 2:15 p.m.2 views

CVE-2023-5229

The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00402EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/10/31 1:54 p.m.8 views

CVE-2023-5229 E2Pdf < 1.20.20 - Admin+ Stored Cross-Site Scriping

The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

6.1AI score0.00402EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/10/31 1:54 p.m.26 views

CVE-2023-5229 E2Pdf < 1.20.20 - Admin+ Stored Cross-Site Scriping

The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.00402EPSS
Exploits2References1
CVE
CVE
added 2023/10/31 1:54 p.m.47 views

CVE-2023-5229

The CVE pertains to the WordPress plugin E2Pdf (versions prior to 1.20.20). The root cause is that the plugin does not sanitize and escape certain settings, enabling stored Cross-Site Scripting by high-privilege (Administrator) users, even when unfiltered_html is disallowed. Affected: E2Pdf WordP...

4.8CVSS4.7AI score0.00402EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/10/31 12:0 a.m.13 views

WordPress e2pdf Plugin < 1.20.20 is vulnerable to Cross Site Scripting (XSS)

Software e2pdf Type Plugin Vulnerable versions 1.20.20 Fixed in 1.20.20 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-5229 Patch priority Low CVSS severity Low 5.9 Developer E2Pdf.com PSID 5dd49f4334ad Credits Yassir Sbai Fahim Required privilege Administrator...

4.8CVSS6.9AI score0.00402EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder