5 matches found
CVE-2023-47659
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Lavacode Lava Directory Manager plugin = 1.1.34 versions...
CVE-2023-47659 WordPress Lava Directory Manager Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Lavacode Lava Directory Manager plugin = 1.1.34 versions...
CVE-2023-47659
CVE-2023-47659 is a stored XSS vulnerability in the Lava Directory Manager WordPress plugin by Lavacode, affecting versions up to 1.1.34. The vulnerability is exploitable by an authenticated contributor (per Patchstack) and remains unpatched in the public release history. Multiple sources corrobo...
CVE-2023-47659 WordPress Lava Directory Manager Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Lavacode Lava Directory Manager plugin = 1.1.34 versions...
WordPress Lava Directory Manager Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS)
Software Lava Directory Manager Type Plugin Vulnerable versions = 1.1.34 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47659 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cbb957e547b5 Credits Emili Castells...