Lucene search
K

4 matches found

Cvelist
Cvelist
added 2023/08/16 11:3 a.m.34 views

CVE-2023-2122 Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting

The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary...

6.3AI score0.0085EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/08/16 11:3 a.m.19 views

CVE-2023-2122 Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting

The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary...

6.7AI score0.0085EPSS
Exploits2References1
CVE
CVE
added 2023/08/16 11:3 a.m.92 views

CVE-2023-2122

The CVE-2023-2122 entry concerns the Image Optimizer by 10web WordPress plugin (versions up to 1.0.26). It is vulnerable to a reflected XSS via the iowd_tabs_active parameter, which is sanitized/escaped insufficiently before rendering in the plugin admin panel. Impact is that an attacker could lu...

6.1CVSS6.1AI score0.0085EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/05/05 12:0 a.m.15 views

WordPress Image Optimizer by 10web Plugin < 1.0.27 is vulnerable to Cross Site Scripting (XSS)

Software Image Optimizer by 10web Type Plugin Vulnerable versions 1.0.27 Fixed in 1.0.27 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2122 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b135df868a4f Credits Phạm Ngọc Khá...

6.1CVSS5.6AI score0.0085EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder