Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.11 views

CVE-2023-2029

The PrePost SEO WordPress plugin through 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.4AI score0.00633EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2023/07/25 12:0 a.m.368 views

WordPress PrePost SEO 3.0 Cross Site Scripting

Tittle: WordPress Plugin PrePost SEO " 2. Save and see XSS exploit. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/4889ad5a-c8c4-4958-b176-64560490497b...

4.8CVSS7.1AI score0.00633EPSS
Exploits3
NVD
NVD
added 2023/07/10 4:15 p.m.69 views

CVE-2023-2029

The PrePost SEO WordPress plugin through 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS4.7AI score0.00633EPSS
Exploits3References2
CVE
CVE
added 2023/07/10 12:41 p.m.49 views

CVE-2023-2029

CVE-2023-2029 concerns the PrePost SEO WordPress plugin (versions <= 3.0). The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by improper sanitization of certain settings, enabling high-privilege users to inject script even when unfiltered_html is disallowed (e.g., multisite)...

4.8CVSS4.9AI score0.00633EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder