Lucene search
K

4 matches found

CVE
CVE
added 2024/01/11 8:32 a.m.74 views

CVE-2023-4372

The CVE-2023-4372 entry describes a Stored Cross‑Site Scripting (XSS) vulnerability in the WordPress LiteSpeed Cache plugin (versions ≤ 5.6). The root cause is insufficient input sanitization and output escaping on attributes of the esi shortcode, enabling authenticated attackers with contributor...

6.4CVSS5.1AI score0.19684EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/10/26 12:0 a.m.18 views

WordPress LiteSpeed Cache Plugin <= 5.6 is vulnerable to Cross Site Scripting (XSS)

Software LiteSpeed Cache Type Plugin Vulnerable versions = 5.6 Fixed in 5.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4372 Patch priority Low CVSS severity Low 6.5 Developer Hai Zheng / Lite Speed Cache PSID 74d771679daa Credits Lana Codes...

6.4CVSS5.8AI score0.19684EPSS
Exploits2References3Affected Software1
0day.today
0day.today
added 2023/10/24 12:0 a.m.363 views

WordPress LiteSpeed Cache 5.6 Cross Site Scripting Vulnerability

Vulnerability Summary from Wordfence Intelligence Description: LiteSpeed Cache = 5.6 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: LiteSpeed Cache Plugin Slug: litespeed-cache Affected Versions: = 5.6 CVE ID: CVE-2023-4372 CVSS Score: 6.4 Medium CVSS...

6.4CVSS6AI score0.19684EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/10/24 12:0 a.m.419 views

WordPress LiteSpeed Cache 5.6 Cross Site Scripting

Vulnerability Summary from Wordfence Intelligence Description: LiteSpeed Cache = 5.6 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: LiteSpeed Cache Plugin Slug: litespeed-cache Affected Versions: = 5.6 CVE ID: CVE-2023-4372 CVSS Score: 6.4 Medium CVSS...

7.1AI score0.19684EPSS
Exploits2
Rows per page
Query Builder