Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.19 views

CVE-2023-2223

The Login rebuilder WordPress plugin before 2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.6AI score0.00552EPSS
Exploits3References1
CVE
CVE
added 2023/05/30 7:49 a.m.81 views

CVE-2023-2223

The CVE-2023-2223 entry concerns the WordPress plugin Login Rebuilder prior to version 2.8.1, which does not sanitize/escape certain settings. This allows high-privilege users (e.g., admins) to perform a Stored XSS, even when unfiltered_html is disallowed (such as in multisite). The root cause is...

4.8CVSS4.9AI score0.00552EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2023/05/30 7:49 a.m.72 views

CVE-2023-2223 Login Rebuilder < 2.8.1 - Admin+ Stored XSS

The Login rebuilder WordPress plugin before 2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00552EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2023/05/30 7:49 a.m.14 views

CVE-2023-2223 Login Rebuilder < 2.8.1 - Admin+ Stored XSS

The Login rebuilder WordPress plugin before 2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.6AI score0.00552EPSS
Exploits3References2
Patchstack
Patchstack
added 2023/05/11 12:0 a.m.25 views

WordPress Login Rebuilder Plugin < 2.8.1 is vulnerable to Cross Site Scripting (XSS)

Software Login Rebuilder Type Plugin Vulnerable versions 2.8.1 Fixed in 2.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2223 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b98403680c8c Credits Taurus Omar Required...

4.8CVSS5.7AI score0.00552EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder