Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2024/03/05 12:0 a.m.296 views

WordPress Neon Text 1.1 Cross Site Scripting

Exploit Title: Wordpress Plugin Neon Text = 1.1 - Stored Cross Site Scripting XSS Date: 2023-11-15 Exploit Author: Eren Car Vendor Homepage: https://www.eralion.com/ Software Link: https://downloads.wordpress.org/plugin/neon-text.zip Category: Web Application Version: 1.0 Tested on: Debian /...

6.4CVSS7.4AI score0.00524EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/05 12:0 a.m.288 views

Neontext Wordpress Plugin - Stored XSS

Exploit Title: Wordpress Plugin Neon Text = 1.1 - Stored Cross Site Scripting XSS Date: 2023-11-15 Exploit Author: Eren Car Vendor Homepage: https://www.eralion.com/ Software Link: https://downloads.wordpress.org/plugin/neon-text.zip Category: Web Application Version: 1.0 Tested on: Debian /...

6.4CVSS5.7AI score0.00524EPSS
Exploits4
Cvelist
Cvelist
added 2023/10/27 10:59 a.m.50 views

CVE-2023-5817 Neon text <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontextbox shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes color. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00524EPSS
Exploits4References3
CVE
CVE
added 2023/10/27 10:59 a.m.110 views

CVE-2023-5817

CVE-2023-5817 – Neon text WordPress plugin (neon-text) Affected software: Neon text plugin for WordPress (neontext_box shortcode). Root cause: Insufficient input sanitization and output escaping on user-supplied color attribute in the neontext_box shortcode. Impact: Stored Cross-Site Scripting (X...

6.4CVSS5.2AI score0.00524EPSS
Exploits4References4Affected Software1
Patchstack
Patchstack
added 2023/10/26 12:0 a.m.19 views

WordPress Neon text Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Neon text Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5817 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b1607d0a011 Credits Dmitrii Ignatyev Required privileg...

6.4CVSS5.7AI score0.00524EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder