3 matches found
CVE-2023-2023
The CVE-2023-2023 entry concerns the Custom 404 Pro WordPress plugin (versions before 3.7.3). The underlying issue is insufficient escaping of URLs output in attributes, causing reflected XSS via parameters (e.g., search). The Nuclei template and Patchstack data confirm this class of vulnerabilit...
WordPress Custom 404 Pro Plugin < 3.7.3 is vulnerable to Cross Site Scripting (XSS)
Software Custom 404 Pro Type Plugin Vulnerable versions 3.7.3 Fixed in 3.7.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2023 Patch priority High CVSS severity High 7.1 Developer Kunal Nagar PSID f5c6964d03e8 Credits Chien Vuong Required privileg...
Cisco Prime Infrastructure Multiple Vulnerabilities (cisco-sa-pi-epnm-eRPWAXLe)
The version of Cisco Prime Infrastructure installed on the remote host is prior to 3.7.1, 3.8.1, 3.9.1 or 3.10.2. It is, therefore, affected by multiple vulnerabilities as referenced in the cisco-sa-pi-epnm-eRPWAXLe advisory: - An information disclosure vulnerability in the web-based management...