Lucene search
+L

4 matches found

NVD
NVD
added 2023/07/10 4:15 p.m.20 views

CVE-2023-2026

The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS4.8AI score0.00542EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/07/10 12:40 p.m.29 views

CVE-2023-2026 Image Protector <= 1.1 - Admin+ Stored Cross-Site Scripting

The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00542EPSS
Exploits2References1
CVE
CVE
added 2023/07/10 12:40 p.m.40 views

CVE-2023-2026

CVE-2023-2026 affects the Image Protector WordPress plugin (

4.8CVSS4.9AI score0.00542EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/06/21 12:0 a.m.11 views

WordPress Defa Online Image Protector Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Defa Online Image Protector Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2026 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 01e5a8f2cad7 Credits Shreya Pohekar...

4.8CVSS5.7AI score0.00542EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder