Lucene search
K

45 matches found

OSV
OSV
added 2023/02/06 8:15 p.m.3 views

CVE-2022-4833

The YourChannel: Everything you want in a YouTube plugin WordPress plugin before 1.2.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.0055EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/02/06 7:59 p.m.7 views

CVE-2023-0282 YourChannel < 1.2.2 - Subscriber+ Stored XSS

The YourChannel WordPress plugin before 1.2.2 does not sanitize and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks...

6.3AI score0.0051EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/02/06 7:59 p.m.9 views

CVE-2022-4833 YourChannel: Everything you want in a YouTube plugin < 1.2.3 - Contributor+ Stored XSS via Shortcode

The YourChannel: Everything you want in a YouTube plugin WordPress plugin before 1.2.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

6AI score0.0055EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/02/06 12:0 a.m.4 views

WordPress plugin YourChannel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.0051EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/02/06 12:0 a.m.6 views

WordPress plugin YourChannel跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.0055EPSS
Exploits1References2
Rows per page
Query Builder