Lucene search
K

4 matches found

0day.today
0day.today
added 2017/12/20 12:0 a.m.56 views

WordPress CSV Import-Export 1.1 Cross Site Scripting Vulnerability

WordPress CSV Import-Export plugin version 1.1 suffers from a cross site scripting vulnerability. Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripti...

4.3CVSS6.2AI score0.00845EPSS
Exploits2
Packet Storm
Packet Storm
added 2017/12/20 12:0 a.m.92 views

WordPress CSV Import-Export 1.1 Cross Site Scripting

Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote...

6.4AI score0.00845EPSS
Exploits2
NVD
NVD
added 2017/12/19 8:29 p.m.31 views

CVE-2017-17753

Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 cietype, 2 cieimport, 3 cieupdate, or 4 cieignore parameter to includes/admin/views/esb-cie-import-export-page.ph...

6.1CVSS6.2AI score0.00845EPSS
Exploits2References1
CVE
CVE
added 2017/12/19 8:0 p.m.51 views

CVE-2017-17753

The CVE-2017-17753 entry concerns the WordPress plugin esb-csv-import-export (versions up to 1.1). The vulnerability is an XSS in includes/admin/views/esb-cie-import-export-page.php where the GET parameters cie_type, cie_import, cie_update, and cie_ignore are echoed back to the user without prope...

6.1CVSS6.1AI score0.00845EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder