Lucene search
+L

5 matches found

packetstorm
packetstorm
added 2024/03/19 12:0 a.m.348 views

WordPress File Upload Cross Site Scripting

Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Date: 18 December 2023 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "Fil...

7.4AI score
Exploits0
zdt
zdt
added 2024/03/18 12:0 a.m.374 views

WordPress File Upload Plugin < 4.23.3 - Stored XSS Vulnerability

Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "File Upload Plugin":...

5.4CVSS7.1AI score0.00394EPSS
Exploits3
exploitdb
exploitdb
added 2024/03/18 12:0 a.m.388 views

WordPress File Upload Plugin &lt; 4.23.3 - Stored XSS

Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Date: 18 December 2023 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "Fil...

7AI score
Exploits0
patchstack
patchstack
added 2023/10/17 12:0 a.m.16 views

WordPress File Uploader Plugin < 4.23.3 is vulnerable to Cross Site Scripting (XSS)

Software File Uploader Type Plugin Vulnerable versions 4.23.3 Fixed in 4.23.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4811 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1623a29c06e5 Credits FAIYAZ AHMAD Required...

5.4CVSS5.7AI score0.00394EPSS
Exploits3References2Affected Software1
vulnrichment
vulnrichment
added 2023/10/16 7:39 p.m.13 views

CVE-2023-4811 WordPress File Upload < 4.23.3 - Author+ Stored Cross-Site Scripting

The WordPress File Upload WordPress plugin before 4.23.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks...

5.1AI score0.00394EPSS
Exploits3References1
Rows per page
Query Builder