Lucene search
K

4 matches found

Patchstack
Patchstack
added 2023/10/17 12:0 a.m.19 views

WordPress Magee Shortcodes Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Magee Shortcodes Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4783 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d85a6a8988a2 Credits Dmitrii Ignatyev Required...

5.4CVSS5.8AI score0.00403EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2023/10/16 8:15 p.m.25 views

CVE-2023-4783

The Magee Shortcodes WordPress plugin through 2.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.3AI score0.00403EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/10/16 7:39 p.m.9 views

CVE-2023-4783 Magee Shortcodes <= 2.1.1 - Contributor+ Stored XSS via shortcode

The Magee Shortcodes WordPress plugin through 2.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.3AI score0.00403EPSS
Exploits2References1
CVE
CVE
added 2023/10/16 7:39 p.m.50 views

CVE-2023-4783

CVE-2023-4783 affects the Magee Shortcodes WordPress plugin up to version 2.1.1. The issue is improper validation/escaping of shortcode attributes, enabling Stored XSS when a page/post renders the shortcode. Exploitation requires contributor+ privileges; impact is stored cross-site scripting with...

5.4CVSS5.3AI score0.00403EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder