Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2023/02/28 12:0 a.m.12 views

WordPress ShopLentor Plugin < 2.5.4 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:hasthemes:woolentor-woocommerceelementoraddons%2bbuilder";...

9.8CVSS6.6AI score0.03317EPSS
Exploits3References2
Cvelist
Cvelist
added 2023/02/21 8:50 a.m.26 views

CVE-2023-0231 ShopLentor < 2.5.4 - Contributor+ Stored XSS

The ShopLentor WordPress plugin before 2.5.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.1AI score0.00534EPSS
Exploits2References1
CVE
CVE
added 2023/02/21 8:50 a.m.64 views

CVE-2023-0231

CVE-2023-0231 affects the ShopLentor WordPress plugin up to version 2.5.4. Multiple connected sources confirm the vulnerability stems from not validating and escaping certain block options when outputting them in a page/post where a block is embedded, allowing Stored Cross-Site Scripting for user...

5.4CVSS5.3AI score0.00534EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/21 8:50 a.m.6 views

CVE-2023-0231 ShopLentor < 2.5.4 - Contributor+ Stored XSS

The ShopLentor WordPress plugin before 2.5.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.00534EPSS
Exploits2References1
Rows per page
Query Builder