Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.5 views

CVE-2023-2835

The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.6AI score0.00728EPSS
Exploits1References1
Circl
Circl
added 2023/06/02 12:40 p.m.7 views

CVE-2023-2835

creationtimestamp| type| source ---|---|--- 2023-06-02 12:40:12+00:00| seen| https://t.me/cibsecurity/64876...

6.1CVSS7.1AI score0.00728EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/06/02 7:15 a.m.3 views

CVE-2023-2835

The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS7AI score0.00728EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/06/02 6:6 a.m.31 views

CVE-2023-2835 WP Directory Kit <= 1.2.3 - Reflected Cross-Site Scripting via 'search'

The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.2AI score0.00728EPSS
Exploits1References3
CVE
CVE
added 2023/06/02 6:6 a.m.49 views

CVE-2023-2835

WP Directory Kit for WordPress is affected by a Reflected XSS in the search parameter up to version 1.2.3 due to insufficient input sanitization/escaping. Exploitation requires user interaction (e.g., clicking a link). Patch 1.2.4 fixes this issue; update to 1.2.4+ or apply mitigations as describ...

6.1CVSS6.4AI score0.00728EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder