Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/17 9:4 p.m.26 views

CVE-2023-7174

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

7.1CVSS5.8AI score0.00163EPSS
Exploits2References3
NVD
NVD
added 2025/05/15 8:15 p.m.7 views

CVE-2023-7174

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

7.1CVSS0.00163EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:9 p.m.9 views

CVE-2023-7174 aBitGone CommentSafe <= 1.0.0 - Settings Update to Stored XSS via CSRF

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

5.8AI score0.00163EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/05/15 8:9 p.m.20 views

CVE-2023-7174 aBitGone CommentSafe <= 1.0.0 - Settings Update to Stored XSS via CSRF

The aBitGone CommentSafe WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

0.00163EPSS
Exploits2References1
Rows per page
Query Builder