Lucene search
K

6 matches found

Prion
Prion
added 2023/05/15 1:15 p.m.15 views

Cross site scripting

The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

4.9CVSS5.3AI score0.00462EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2023/05/15 12:15 p.m.54 views

CVE-2023-1019

CVE-2023-1019 affects the WordPress plugin Help Desk WP up to version 1.2.0. The vulnerability is a stored XSS caused by insufficient sanitization/escaping of certain parameters, which could allow users with a role as low as Editor to execute scripts. Public disclosures (Wordfence/RH/PRION/etc.) ...

5.4CVSS5.5AI score0.00462EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/05/15 12:15 p.m.19 views

CVE-2023-1019 Help Desk WP <= 1.2.0 - Editor+ Stored XSS

The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

5.5AI score0.00462EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/15 12:15 p.m.4 views

CVE-2023-1019 Help Desk WP <= 1.2.0 - Editor+ Stored XSS

The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

6AI score0.00462EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.11 views

Help Desk WP <= 1.2.0 - Editor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. PoC 1. Using a user with Editor Role privileges, go to the support page assigned for the Help Desk WP Plugin. 2. Click on "Add New Ticket", and...

5.4CVSS8.3AI score0.00462EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2023/04/19 12:0 a.m.135 views

Help Desk WP <= 1.2.0 - Editor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. 1. Using a user with Editor Role privileges, go to the support page assigned for the Help Desk WP Plugin. 2. Click on "Add New Ticket", and fill t...

5.4CVSS8.7AI score0.00462EPSS
Exploits2
Rows per page
Query Builder