6 matches found
CVE-2023-28931
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Never5 Post Connector plugin = 1.0.9 versions...
Open redirect
Rejected reason: Duplicate, please use CVE-2023-28931 instead...
CVE-2023-28931
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Never5 Post Connector plugin = 1.0.9 versions...
CVE-2023-28931
Never5 Post Connector plugin prior to 1.0.9 is affected by a Stored Cross‑Site Scripting (XSS) vulnerability requiring admin+ authentication. The issue is mitigated by upgrading to version 1.0.9 or later.
WordPress Post Connector Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Post Connector Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.0.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28931 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID bcdd2a82b9f0 Credits Juampa Rodríguez Requir...
CVE-2022-3403
CVE-2022-3403 is a duplicate of CVE-2023-28931. Connected records show that CVE-2023-28931 describes a Stored Cross-Site Scripting (XSS) vulnerability in the Never5 Post Connector WordPress plugin versions <= 1.0.9. The available sources confirm the issue type (stored XSS) and affected softwar...