6 matches found
CVE-2023-5229
creationtimestamp| type| source ---|---|--- 2023-10-31 17:21:14+00:00| seen| https://t.me/cibsecurity/73242...
CVE-2023-5229
The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-5229 E2Pdf < 1.20.20 - Admin+ Stored Cross-Site Scriping
The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-5229 E2Pdf < 1.20.20 - Admin+ Stored Cross-Site Scriping
The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-5229
The CVE pertains to the WordPress plugin E2Pdf (versions prior to 1.20.20). The root cause is that the plugin does not sanitize and escape certain settings, enabling stored Cross-Site Scripting by high-privilege (Administrator) users, even when unfiltered_html is disallowed. Affected: E2Pdf WordP...
WordPress e2pdf Plugin < 1.20.20 is vulnerable to Cross Site Scripting (XSS)
Software e2pdf Type Plugin Vulnerable versions 1.20.20 Fixed in 1.20.20 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-5229 Patch priority Low CVSS severity Low 5.9 Developer E2Pdf.com PSID 5dd49f4334ad Credits Yassir Sbai Fahim Required privilege Administrator...