7 matches found
CVE-2023-47684
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions...
WordPress Essential Grid Plugin <= 3.1.1 is vulnerable to Broken Access Control
Software Essential Grid Type Plugin Vulnerable versions = 3.1.1 Fixed in 3.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3235 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 597aadc22d06 Credits 1337Wannabe Required privilege...
Essential Grid < 3.1.1 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-47684
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions...
WordPress Essential Grid Plugin <= 3.0.18 is vulnerable to Broken Access Control
Software Essential Grid Type Plugin Vulnerable versions = 3.0.18 Fixed in 3.0.19 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47771 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 7ac8b383b58b Credits Rafie Muhammad Patchstack...
CVE-2023-47684
CVE-2023-47684 is an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in the ThemePunch OHG Essential Grid plugin for WordPress, affecting versions