Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:51 a.m.10 views

CVE-2023-2503

The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00458EPSS
Exploits2References1
OSV
OSV
added 2023/06/05 2:15 p.m.1 views

CVE-2023-2503

The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.8AI score0.00458EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/06/05 1:38 p.m.29 views

CVE-2023-2503 10WebSocial < 1.2.9 - Reflected XSS

The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00458EPSS
Exploits2References1
CVE
CVE
added 2023/06/05 1:38 p.m.68 views

CVE-2023-2503

CVE-2023-2503 affects the 10Web Social Post Feed WordPress plugin (pre-1.2.9). Root cause: the plugin does not sanitize/escape certain parameters before output, enabling a Reflected XSS under admin contexts. Impact per sources: MEDIUM (CVSS 3.1 base 6.1). Remediation: upgrade to plugin version 1....

6.1CVSS6.1AI score0.00458EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/05 1:38 p.m.11 views

CVE-2023-2503 10WebSocial < 1.2.9 - Reflected XSS

The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6AI score0.00458EPSS
Exploits2References1
Rows per page
Query Builder