Lucene search
+L

4 matches found

circl
circl
added 2023/12/17 9:6 a.m.7 views

CVE-2023-5738

creationtimestamp| type| source ---|---|--- 2023-12-17 09:06:36+00:00| seen| https://t.me/ctinow/155542...

5.4CVSS6.6AI score0.00426EPSS
Exploits2References1
cve
cve
added 2023/11/27 4:22 p.m.67 views

CVE-2023-5738

CVE-2023-5738 affects WordPress Backup & Migration (plugin up to v1.4.4). Root cause: failure to sanitise/escape certain parameters, enabling Cross-Site Scripting by a Subscriber+ user; confirmed stored XSS path via admin-ajax. Patch availability: fixed in v1.4.5; mitigate by upgrading to 1.4.5 o...

5.4CVSS5.5AI score0.00426EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2023/11/27 4:22 p.m.47 views

CVE-2023-5738 WordPress Backup & Migration < 1.4.5 - Subscriber+ Stored XSS

The WordPress Backup & Migration WordPress plugin before 1.4.4 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks...

5.5AI score0.00426EPSS
Exploits2References1
patchstack
patchstack
added 2023/11/08 12:0 a.m.14 views

WordPress WordPress Backup & Migration Plugin < 1.4.5 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Backup & Migration Type Plugin Vulnerable versions 1.4.5 Fixed in 1.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5738 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 9b9d4e9b2aa2 Credits Krzyszt...

5.4CVSS5.6AI score0.00426EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder