9 matches found
CVE-2023-49839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
CVE-2023-49839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
CVE-2023-49839
CVE-2023-49839 is a reflected XSS in KlbTheme core plugins (Cosmetsy, Partdo, Bacola, Medibazar, Furnob, Clotya) caused by improper neutralization of input during web page generation. Affected versions include Cosmetsy up to 1.3.0; Partdo up to 1.0.9; Bacola up to 1.3.3; Medibazar up to 1.2.3; Fu...
CVE-2023-49839 Reflected Cross-Site Scripting vulnerability in multiple WordPress components by KlbTheme
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
WordPress Cosmetsy Core Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Cosmetsy Core Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49839 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77a58ba376e1 Credits RE-ALTER Required privilege...
WordPress Partdo Core Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Partdo Core Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49839 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 032d52a975bc Credits RE-ALTER Required privilege...
WordPress Furnob Core Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Software Furnob Core Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49839 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6b532f21e047 Credits RE-ALTER Required privilege...
WordPress Bacola Core Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Bacola Core Type Plugin Vulnerable versions = 1.3.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49839 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d717888feaf6 Credits RE-ALTER Required privilege Unauthenticate...
WordPress Clotya Core Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)
Software Clotya Core Type Plugin Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49839 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e214e8c2ed6d Credits RE-ALTER Required privilege...