Lucene search
K

5 matches found

OSV
OSV
added 2023/02/13 3:15 p.m.4 views

CVE-2023-0177

The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.4CVSS6.1AI score0.00477EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/02/13 2:32 p.m.8 views

CVE-2023-0177 Social Like Box and Page by WpDevArt < 0.8.41 - Contributor+ Stored XSS

The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.3AI score0.00477EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/02/13 2:32 p.m.26 views

CVE-2023-0177 Social Like Box and Page by WpDevArt < 0.8.41 - Contributor+ Stored XSS

The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.5AI score0.00477EPSS
Exploits2References1
CVE
CVE
added 2023/02/13 2:32 p.m.53 views

CVE-2023-0177

The CVE-2023-0177 entry concerns the WordPress plugin Social Like Box and Page by WpDevArt (versions before 0.8.41). The vulnerability arises because the plugin does not validate and escape certain shortcode attributes before output, enabling Stored XSS for users with the Contributor role and abo...

5.4CVSS5.3AI score0.00477EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/01/23 12:0 a.m.14 views

WordPress Social Like Box and Page by WpDevArt Plugin < 0.8.41 is vulnerable to Cross Site Scripting (XSS)

Software Social Like Box and Page by WpDevArt Type Plugin Vulnerable versions 0.8.41 Fixed in 0.8.41 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0177 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ef846e0a5f6e Credi...

5.4CVSS5.9AI score0.00477EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder