Lucene search
K

4 matches found

NVD
NVD
added 2023/04/24 7:15 p.m.12 views

CVE-2023-0899

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before outputting it back in the Shoutbox, leading to Stored Cross-Site Scripting which could be used against high privilege users such as admins...

6.1CVSS5.9AI score0.00458EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/04/24 6:30 p.m.16 views

CVE-2023-0899 Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated Stored XSS

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before outputting it back in the Shoutbox, leading to Stored Cross-Site Scripting which could be used against high privilege users such as admins...

6AI score0.00458EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/04/24 6:30 p.m.5 views

CVE-2023-0899 Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated Stored XSS

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before outputting it back in the Shoutbox, leading to Stored Cross-Site Scripting which could be used against high privilege users such as admins...

5.8AI score0.00458EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/04/12 12:0 a.m.11 views

WordPress Steveas WP Live Chat Shoutbox Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Steveas WP Live Chat Shoutbox Type Plugin Vulnerable versions = 1.4.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0899 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 96c9d942cc37 Credits Simone...

6.1CVSS5.6AI score0.00458EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder