Lucene search
+L

5 matches found

0day.today
0day.today
added 2023/10/03 12:0 a.m.433 views

WordPress KiviCare 3.2.0 Cross Site Scripting Vulnerability

Exploit Title: WP Plugins KiviCare 3.2.0 - Reflected Cross-Site Scripting Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/kivicare-clinic-management-system/ Vendor Homepage: https://kivicare.io/ Version: 3.2.0 Tested on: Windows, Linux CVE: CVE-2023-2624 Product Description...

6.1CVSS6.5AI score0.01156EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/10/03 12:0 a.m.362 views

WordPress KiviCare 3.2.0 Cross Site Scripting

Exploit Title: WP Plugins KiviCare 3.2.0 - Reflected Cross-Site Scripting Date: 03-10-2023 Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/kivicare-clinic-management-system/ Vendor Homepage: https://kivicare.io/ Version: 3.2.0 Tested on: Windows, Linux CVE: CVE-2023-2624...

6.1CVSS7.1AI score0.01156EPSS
Exploits4
CVE
CVE
added 2023/06/27 1:17 p.m.69 views

CVE-2023-2624

The CVE-2023-2624 weakness affects the KiviCare WordPress plugin prior to 3.2.1. The vulnerability is a Reflected Cross-Site Scripting caused by not sanitising/escaping inputs (notably the filterType parameter in get_weekly_appointment), allowing injection of scripts in the context of an authenti...

6.1CVSS5.9AI score0.01156EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2023/06/27 1:17 p.m.26 views

CVE-2023-2624 KiviCare Management System < 3.2.1 - Reflected Cross-Site Scripting

The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrator...

6.2AI score0.01156EPSS
Exploits4References2
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.13 views

WordPress KiviCare Plugin < 3.2.1 is vulnerable to Cross Site Scripting (XSS)

Software KiviCare Type Plugin Vulnerable versions 3.2.1 Fixed in 3.2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2624 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 80bebdf9e719 Credits Arvandy Required privilege...

6.1CVSS5.6AI score0.01156EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder