4 matches found
CVE-2023-1861
The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks...
CVE-2023-1861 Limit Login Attempts < 1.7.2 - Subscriber+ Stored XSS
The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks...
CVE-2023-1861
CVE-2023-1861 affects the Limit Login Attempts WordPress plugin (versions
WordPress Limit Login Attempts Plugin <= 1.7.1 is vulnerable to Cross Site Scripting (XSS)
Software Limit Login Attempts Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1861 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID fec01c1cd5c8 Credits Marc-Alexandre...