Lucene search
K

5 matches found

NVD
NVD
added 2023/09/22 6:15 a.m.21 views

CVE-2023-4774

The WP-Matomo Integration WP-Piwik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

6.4CVSS5.7AI score0.00523EPSS
Exploits0References3
OSV
OSV
added 2023/09/22 6:15 a.m.20 views

CVE-2023-4774

The WP-Matomo Integration WP-Piwik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

5.4CVSS5.8AI score
Exploits0References3
Cvelist
Cvelist
added 2023/09/22 5:31 a.m.32 views

CVE-2023-4774 WP-Matomo Integration (WP-Piwik) <= 1.0.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP-Matomo Integration WP-Piwik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

6.4CVSS5.8AI score0.00523EPSS
Exploits0References3
CVE
CVE
added 2023/09/22 5:31 a.m.92 views

CVE-2023-4774

WP-Matomo Integration (WP-Piwik) for WordPress is affected by CVE-2023-4774 via a stored XSS in the wp-piwik shortcode. Versions up to and including 1.0.28 are vulnerable due to insufficient input sanitization and output escaping on shortcode attributes, allowing authenticated attackers with cont...

6.4CVSS5.1AI score0.00523EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/09/22 12:0 a.m.12 views

WordPress WP-Piwik Plugin <= 1.0.28 is vulnerable to Cross Site Scripting (XSS)

Software WP-Piwik Type Plugin Vulnerable versions = 1.0.28 Fixed in 1.0.29 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4774 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f64120d18a7 Credits Lana Codes Required privilege...

6.4CVSS6AI score0.00523EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder