5 matches found
CVE-2023-22684
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Subscribers.Com Subscribers plugin = 1.5.3 versions...
CVE-2023-22684
creationtimestamp| type| source ---|---|--- 2023-05-15 14:29:33+00:00| seen| https://t.me/cibsecurity/64090...
CVE-2023-22684
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Subscribers.Com Subscribers plugin = 1.5.3 versions...
CVE-2023-22684
CVE-2023-22684 is an authenticated stored Cross-Site Scripting (XSS) vulnerability in the Subscribers.Com Subscribers WordPress plugin, affecting versions up to 1.5.3. The issue requires admin+ privileges and can result in payloads stored by the plugin and reflected to users. Public risk context ...
WordPress Subscribers – Free Web Push Notifications Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)
Software Subscribers – Free Web Push Notifications Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-22684 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 892cf19e4971 Credi...