Lucene search
+L

4 matches found

nvd
nvd
added 2023/11/06 10:15 a.m.24 views

CVE-2023-47182

Cross-Site Request Forgery CSRF leading to a Stored Cross-Site Scripting XSS vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin = 3.5.2 versions...

8.8CVSS7.4AI score0.00206EPSS
Exploits0References1
cve
cve
added 2023/11/06 9:52 a.m.59 views

CVE-2023-47182

CVE-2023-47182 affects the WordPress plugin “Nazmul Hossain Nihal Login Screen Manager” ≤ 3.5.2. The root issue is a CSRF vulnerability that enables a Stored XSS payload when a logged-in admin is targeted, due to missing CSRF checks and insufficient sanitisation/escaping in some code paths. Repor...

8.8CVSS7.6AI score0.00206EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/11/06 9:52 a.m.29 views

CVE-2023-47182 WordPress Login Screen Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)

Cross-Site Request Forgery CSRF leading to a Stored Cross-Site Scripting XSS vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin = 3.5.2 versions...

7.1CVSS7.5AI score0.00206EPSS
Exploits0References1
patchstack
patchstack
added 2023/10/31 12:0 a.m.12 views

WordPress Login Screen Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Login Screen Manager Type Plugin Vulnerable versions = 3.5.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47182 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 33ab93e220c0 Credits Nano Required privilege...

8.8CVSS6.8AI score0.00206EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder