Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.7 views

CVE-2023-3344

The Auto Location for WP Job Manager via Google WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS5.7AI score0.00439EPSS
Exploits1References1
NVD
NVD
added 2023/07/24 11:15 a.m.24 views

CVE-2023-3344

The Auto Location for WP Job Manager via Google WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS4.7AI score0.00439EPSS
Exploits1References1
CVE
CVE
added 2023/07/24 10:20 a.m.61 views

CVE-2023-3344

The CVE-2023-3344 entry concerns the WordPress plugin Auto Location for WP Job Manager via Google, prior to version 1.1. It stems from insufficient sanitisation/escaping of certain plugin settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins), including scenarios wh...

4.8CVSS5AI score0.00439EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/07/24 10:20 a.m.20 views

CVE-2023-3344 Auto Location for WP Job Manager via Google < 1.1 - Admin+ Cross Site Scripting

The Auto Location for WP Job Manager via Google WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

5AI score0.00439EPSS
Exploits1References1
Patchstack
Patchstack
added 2023/07/07 12:0 a.m.10 views

WordPress Auto Location for WP Job Manager via Google Plugin < 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Auto Location for WP Job Manager via Google Type Plugin Vulnerable versions 1.1 Fixed in 1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3344 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2c713955c43e Credits Bo...

4.8CVSS5.8AI score0.00439EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder