Lucene search
K

196 matches found

NVD
NVD
added 2023/12/29 11:15 a.m.27 views

CVE-2023-51399

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

6.5CVSS0.00328EPSS
Exploits0References1
OSV
OSV
added 2023/12/29 11:15 a.m.4 views

CVE-2023-51399

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

5.4CVSS7.3AI score0.00328EPSS
Exploits0References1
Prion
Prion
added 2023/12/29 11:15 a.m.18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

4.9CVSS6.9AI score0.00328EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/29 10:20 a.m.42 views

CVE-2023-51399

The CVE-2023-51399 affects the WordPress WPFactory Back Button Widget plugin (versions ≤ 1.6.3). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact: stored XSS in widget output; PRI/impact as documented (low confidentiality, integrity, availabilit...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.4 views

PT-2023-31807 · Wpfactory · Wpfactory Back Button Widget

Name of the Vulnerable Software and Affected Versions: WPFactory Back Button Widget versions 1.6.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attack...

6.5CVSS6.1AI score0.00328EPSS
Exploits0References6
NVD
NVD
added 2023/11/14 9:15 p.m.23 views

CVE-2023-47547

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin = 2.0.7 versions...

7.1CVSS0.00412EPSS
Exploits0References1
OSV
OSV
added 2023/11/14 9:15 p.m.5 views

CVE-2023-47547

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin = 2.0.7 versions...

6.1CVSS7.3AI score
Exploits0References1
Prion
Prion
added 2023/11/14 9:15 p.m.13 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin = 2.0.7 versions...

5.8CVSS6.2AI score0.00412EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/14 8:45 p.m.48 views

CVE-2023-47547

CVE-2023-47547 affects the WPFactory Products, Order & Customers Export for WooCommerce plugin. It is an unauthenticated, reflected XSS in export functionality, impacting versions up to and including 2.0.7. Public sources confirm exploitation vectors rely on injecting scripts via exposed export p...

7.1CVSS6.1AI score0.00412EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/08/05 11:15 p.m.22 views

CVE-2023-36689

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...

7.1CVSS6.2AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2023/08/05 11:15 p.m.5 views

CVE-2023-36689

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...

6.1CVSS5.8AI score0.00351EPSS
Exploits0References1
Prion
Prion
added 2023/08/05 11:15 p.m.21 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...

5.8CVSS6AI score0.00351EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/05 10:22 p.m.15 views

CVE-2023-36689 WordPress WPFactory Helper Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2023/08/05 10:22 p.m.51 views

CVE-2023-36689

WPFactory Helper plugin for WordPress is affected by an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in versions 1.5.2 (version 1.5.3 or later). There is no detailed root-cause description beyond “Unauth. Reflected XSS,” and no exploit code is included in the connected docu...

7.1CVSS6AI score0.00351EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/08/05 12:0 a.m.6 views

WordPress plugin WPFactory WPFactory Helper Cross Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.1AI score0.00351EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/07/04 12:0 a.m.9 views

WordPress WPFactory Helper Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Software WPFactory Helper Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36689 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4681ca256d88 Credits Le Ngoc Anh...

7.1CVSS5.7AI score0.00351EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder