Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2024/01/31 12:0 a.m.10 views

WordPress Restrict Usernames Emails Characters Plugin < 3.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Usernames Emails Characters Type Plugin Vulnerable versions 3.1.4 Fixed in 3.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6165 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9c5a313dd81c Credits Yuhan...

4.8CVSS5.7AI score0.00405EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2024/01/29 3:15 p.m.15 views

CVE-2023-6165

The Restrict Usernames Emails Characters WordPress plugin before 3.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS4.8AI score0.00405EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2024/01/29 2:44 p.m.9 views

CVE-2023-6165 Restrict Usernames Emails Characters Plugin < 3.1.4 - Admin+ Stored XSS

The Restrict Usernames Emails Characters WordPress plugin before 3.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

6.2AI score0.00405EPSS
Exploits2References2
CVE
CVE
added 2024/01/29 2:44 p.m.38 views

CVE-2023-6165

The CVE-2023-6165 entry concerns the WordPress plugin Restrict Usernames Emails Characters, affected up to version 3.1.3. The Red Hat and CVE ecosystem entries confirm the root cause: insufficient sanitization/escaping of certain plugin settings, enabling high-privilege users (e.g., admins) to tr...

4.8CVSS5AI score0.00405EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder