Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2023/08/16 11:3 a.m.16 views

CVE-2023-2225 SEO ALert <= 1.59 - Admin+ Stored XSS

The SEO ALert WordPress plugin through 1.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.00472EPSS
Exploits3References1
Cvelist
Cvelist
added 2023/08/16 11:3 a.m.37 views

CVE-2023-2225 SEO ALert <= 1.59 - Admin+ Stored XSS

The SEO ALert WordPress plugin through 1.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00472EPSS
Exploits3References1
CVE
CVE
added 2023/08/16 11:3 a.m.57 views

CVE-2023-2225

CVE-2023-2225 affects the SEO ALert WordPress plugin (versions 1.59 and earlier). The issue arises because the plugin does not sanitize/escape certain settings, enabling stored XSS by high-privilege users (e.g., admins), including in multisite environments. CVSS 3.1 shows 4.8 base score (MEDIUM) ...

4.8CVSS4.6AI score0.00472EPSS
Exploits3References1Affected Software1
Packet Storm
Packet Storm
added 2023/07/25 12:0 a.m.344 views

WordPress SEO Alert 1.59 Cross Site Scripting

Tittle: WordPress Plugin SEO ALert 3. Save to get the XSS trigger. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/0af475ba-5c02-4f62-876d-6235a745bbd6...

7.1AI score0.00472EPSS
Exploits3
Patchstack
Patchstack
added 2023/04/27 12:0 a.m.13 views

WordPress SEO ALert Plugin <= 1.5.9 is vulnerable to Cross Site Scripting (XSS)

Software SEO ALert Type Plugin Vulnerable versions = 1.5.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2225 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 10e4776e7e3a Credits N/A Required privilege...

4.8CVSS6AI score0.00472EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder