5 matches found
CVE-2023-47659
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Lavacode Lava Directory Manager plugin = 1.1.34 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Lavacode Lava Directory Manager plugin = 1.1.34 versions...
CVE-2023-47659
CVE-2023-47659 is a stored XSS vulnerability in the Lava Directory Manager WordPress plugin by Lavacode, affecting versions up to 1.1.34. The vulnerability is exploitable by an authenticated contributor (per Patchstack) and remains unpatched in the public release history. Multiple sources corrobo...
Cross site scripting
Unauth. Stored Cross-Site Scripting XSS vulnerability in Lavacode Lava Directory Manager plugin = 1.1.34 versions...
CVE-2023-46081
CVE-2023-46081 affects the Lava Directory Manager plugin for WordPress, with vulnerable versions being 1.1.34 where available per PT-SECURITY guidance; otherwise monitor for an official patch.