4 matches found
CVE-2023-4372
The CVE-2023-4372 entry describes a Stored Cross‑Site Scripting (XSS) vulnerability in the WordPress LiteSpeed Cache plugin (versions ≤ 5.6). The root cause is insufficient input sanitization and output escaping on attributes of the esi shortcode, enabling authenticated attackers with contributor...
WordPress LiteSpeed Cache Plugin <= 5.6 is vulnerable to Cross Site Scripting (XSS)
Software LiteSpeed Cache Type Plugin Vulnerable versions = 5.6 Fixed in 5.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4372 Patch priority Low CVSS severity Low 6.5 Developer Hai Zheng / Lite Speed Cache PSID 74d771679daa Credits Lana Codes...
WordPress LiteSpeed Cache 5.6 Cross Site Scripting Vulnerability
Vulnerability Summary from Wordfence Intelligence Description: LiteSpeed Cache = 5.6 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: LiteSpeed Cache Plugin Slug: litespeed-cache Affected Versions: = 5.6 CVE ID: CVE-2023-4372 CVSS Score: 6.4 Medium CVSS...
WordPress LiteSpeed Cache 5.6 Cross Site Scripting
Vulnerability Summary from Wordfence Intelligence Description: LiteSpeed Cache = 5.6 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: LiteSpeed Cache Plugin Slug: litespeed-cache Affected Versions: = 5.6 CVE ID: CVE-2023-4372 CVSS Score: 6.4 Medium CVSS...