Lucene search
K

4 matches found

NVD
NVD
added 2023/05/02 8:15 a.m.29 views

CVE-2023-1804

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

6.1CVSS6AI score0.00519EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/02 7:4 a.m.6 views

CVE-2023-1804 Product Catalog Feed by PixelYourSite < 2.1.1 - Reflected XSS

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

6AI score0.00519EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/05/02 7:4 a.m.38 views

CVE-2023-1804 Product Catalog Feed by PixelYourSite < 2.1.1 - Reflected XSS

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

6.2AI score0.00519EPSS
Exploits2References1
CVE
CVE
added 2023/05/02 7:4 a.m.61 views

CVE-2023-1804

The CVE-2023-1804 entry concerns the WordPress plugin Product Catalog Feed by PixelYourSite, affected in versions prior to 2.1.1. The underlying issue is that the edit parameter is not sanitised or escaped when output back into an attribute, resulting in a Reflected XSS vulnerability. The impact ...

6.1CVSS6.1AI score0.00519EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder