Lucene search
K

5 matches found

Nuclei
Nuclei
added 8 hours ago47 views

WP Helper Lite < 4.3 - Cross-Site Scripting

The WP Helper Lite WordPress plugin, in versions 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability. id: CVE-2023-0448 info: name: WP Helper Lite 4.3 - Cross-Site Scripting author: ritikchaddha severity: medium description: | T...

6.1CVSS6.4AI score0.44513EPSS
Exploits2References4
NVD
NVD
added 2023/01/26 9:18 p.m.37 views

CVE-2023-0448

The WP Helper Lite WordPress plugin, in versions 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability...

6.1CVSS5.9AI score0.44513EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/01/24 12:0 a.m.19 views

WordPress WP Helper Premium Plugin < 4.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Helper Premium Type Plugin Vulnerable versions 4.3 Fixed in 4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0448 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c74257beed9d Credits Joshua Martinelle Required...

6.1CVSS5.9AI score0.44513EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.4 views

CVE-2023-0448

The WP Helper Lite WordPress plugin, in versions 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability...

6.4AI score0.44513EPSS
Exploits2References1
CVE
CVE
added 2023/01/24 12:0 a.m.89 views

CVE-2023-0448

The CVE-2023-0448 entry concerns the WordPress WP Helper Lite plugin, affected versions prior to 4.3. The issue arises because the plugin returns all GET parameters unsanitized in responses, enabling a reflected cross-site scripting (XSS) vulnerability. Practical impact described across sources i...

6.1CVSS5.9AI score0.44513EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder