Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:57 a.m.7 views

CVE-2023-1021

The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS6.4AI score0.00442EPSS
Exploits2References1
NVD
NVD
added 2023/05/02 8:15 a.m.11 views

CVE-2023-1021

The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS4.7AI score0.00442EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/02 7:4 a.m.6 views

CVE-2023-1021 Amr Ical Events Lists <= 6.6 - Admin+ Stored XSS

The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.00442EPSS
Exploits2References1
CVE
CVE
added 2023/05/02 7:4 a.m.62 views

CVE-2023-1021

CVE-2023-1021 affects the Amr Ical Events Lists WordPress plugin (versions

4.8CVSS4.9AI score0.00442EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2023/05/02 12:0 a.m.5 views

WordPress plugin amr ical events lists 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

4.8CVSS6.3AI score0.00442EPSS
Exploits2References2
Patchstack
Patchstack
added 2023/04/12 12:0 a.m.11 views

WordPress Amr Ical Events Lists Plugin <= 6.6 is vulnerable to Cross Site Scripting (XSS)

Software Amr Ical Events Lists Type Plugin Vulnerable versions = 6.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1021 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 29580a26d815 Credits Shreya Pohekar Require...

4.8CVSS5.7AI score0.00442EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/04 12:0 a.m.13 views

Amr Ical Events Lists <= 6.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Login as Admin. 2. Go to...

4.8CVSS8.4AI score0.00442EPSS
Exploits2Affected Software1
Microsoft KB
Microsoft KB
added 2023/02/14 8:0 a.m.174 views

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: February 14, 2023 (KB5023038)

None None...

8.8CVSS7.1AI score0.8202EPSS
Exploits0
Rows per page
Query Builder