CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting

WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the...

6.1CVSS6.4AI score0.02839EPSS

Exploits2References3

RedhatCVE•added 2025/05/23 8:20 a.m.•1 views

CVE-2024-10048

The Post Status Notifier Lite and Premium plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.11.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS5.6AI score0.01998EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:0 a.m.•4 views

CVE-2023-47766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...

7.1CVSS6.9AI score0.00087EPSS

Exploits0References1

CVE•added 2024/10/29 8:31 a.m.•39 views

CVE-2024-10048

CVE-2024-10048 affects the WordPress plugins Post Status Notifier Lite and Premium up to version 1.11.6, with a Reflected Cross-Site Scripting via the ‘page’ parameter caused by insufficient input sanitization and output escaping. An unauthenticated attacker could inject web scripts into pages ex...

6.1CVSS6AI score0.01998EPSS

Exploits0References2

Patchstack•added 2024/10/29 5:10 a.m.•3 views

WordPress Post Status Notifier Premium plugin <= 1.11.6 - Reflected Cross-Site Scripting via page vulnerability

Reflected Cross-Site Scripting via page vulnerability discovered by Colin Xu in WordPress Plugin Post Status Notifier Premium versions = 1.11.6...

6.1CVSS6.4AI score0.01998EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/10/29 5:9 a.m.•1 views

WordPress Post Status Notifier Lite plugin <= 1.11.6 - Reflected Cross-Site Scripting via page vulnerability

Reflected Cross-Site Scripting via page vulnerability discovered by Colin Xu in WordPress Plugin Post Status Notifier Lite versions = 1.11.6...

6.1CVSS6.4AI score0.01998EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/10/29 12:0 a.m.•9 views

WordPress Post Status Notifier Lite Plugin <= 1.11.6 is vulnerable to Cross Site Scripting (XSS)

Software Post Status Notifier Lite Type Plugin Vulnerable versions = 1.11.6 Fixed in 1.11.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10048 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fa83a961050b Credits Colin...

6.1CVSS5.5AI score0.01998EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2024/10/29 12:0 a.m.•2 views

PT-2024-15995 · WordPress · Post Status Notifier Lite +1

Name of the Vulnerable Software and Affected Versions: Post Status Notifier Lite and Premium plugins for WordPress versions up to, and including, 1.11.6 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output...

6.1CVSS6.8AI score0.01998EPSS

Exploits0References7

Patchstack•added 2024/10/29 12:0 a.m.•6 views

WordPress Post Status Notifier Premium Plugin <= 1.11.6 is vulnerable to Cross Site Scripting (XSS)

Software Post Status Notifier Premium Type Plugin Vulnerable versions = 1.11.6 Fixed in 1.11.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10048 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5dcdb37cb71e Credits...

6.1CVSS5.5AI score0.01998EPSS

Exploits0References2Affected Software1

NVD•added 2023/11/22 10:15 p.m.•8 views

CVE-2023-47766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...

7.1CVSS0.00087EPSS

Exploits0References1

OSV•added 2023/11/22 10:15 p.m.•0 views

CVE-2023-47766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...

6.1CVSS7.3AI score

Exploits0References1

Prion•added 2023/11/22 10:15 p.m.•15 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...

5.8CVSS7.1AI score0.00087EPSS

Exploits0References1Affected Software1

CVE•added 2023/11/22 9:56 p.m.•77 views

CVE-2023-47766

CVE-2023-47766 affects the WordPress plugin Post Status Notifier Lite (versions

7.1CVSS6.6AI score0.00087EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/11/22 12:0 a.m.•2 views

WordPress Plugin Post Status Notifier Lite Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS6AI score0.00087EPSS

Exploits0References2

Positive Technologies•added 2023/11/22 12:0 a.m.•2 views

PT-2023-30595 · Timo Reith · Post Status Notifier Lite

Name of the Vulnerable Software and Affected Versions: Timo Reith Post Status Notifier Lite plugin versions = 1.11.0 Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. Recommendations: For Timo Reith Post Statu...

7.1CVSS6.6AI score0.00087EPSS

Exploits0References3

Patchstack•added 2023/11/14 12:0 a.m.•9 views

WordPress Post Status Notifier Lite Plugin <= 1.11.0 is vulnerable to Cross Site Scripting (XSS)

Software Post Status Notifier Lite Type Plugin Vulnerable versions = 1.11.0 Fixed in 1.11.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47766 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 689a35bf0f0b Credits LEE SE...

7.1CVSS5.6AI score0.00087EPSS

Exploits0References2Affected Software1

OSV•added 2023/01/09 11:15 p.m.•0 views

CVE-2022-4325

The Post Status Notifier Lite WordPress plugin before 1.10.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high privilege users such as admin...

6.1CVSS5.8AI score0.02839EPSS

Exploits2References1

NVD•added 2023/01/09 11:15 p.m.•8 views

CVE-2022-4325

6.1CVSS6AI score0.02839EPSS

Exploits2References1

CVE•added 2023/01/09 10:13 p.m.•69 views

CVE-2022-4325

CVE-2022-4325 affects the WordPress plugin Post Status Notifier Lite prior to version 1.10.1. The issue is a reflected XSS caused by improper sanitization/escaping of a parameter before output on the page, enabling an attacker to pull off script execution in the context of the site and potentiall...

6.1CVSS6AI score0.02839EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2023/01/09 10:13 p.m.•5 views

CVE-2022-4325 Post Status Notifier Lite < 1.10.1 - Reflected XSS

6AI score0.02839EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by