Lucene search
K

81 matches found

Vulnrichment
Vulnrichment
added 2023/11/14 10:17 p.m.13 views

CVE-2023-47517 WordPress SendPress Newsletters plugin <= 1.23.11.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brewlabs SendPress Newsletters sendpress allows DOM-Based XSS.This issue affects SendPress Newsletters: from n/a through = 1.23.11.6...

7.1CVSS6.8AI score0.00412EPSS
Exploits0References1
OSV
OSV
added 2023/11/14 10:17 p.m.20 views

CVE-2023-47517 WordPress SendPress Newsletters Plugin <= 1.23.11.6 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in SendPress Newsletters plugin = 1.23.11.6 versions...

7.1CVSS6.8AI score0.00412EPSS
Exploits0References4
CVE
CVE
added 2023/11/14 10:17 p.m.39 views

CVE-2023-47517

CVE-2023-47517 is a publicly documented Unauth. Reflected Cross-Site Scripting (XSS) vulnerability affecting the WordPress SendPress Newsletters plugin, specifically versions ≤ 1.23.11.6. The issue allows unauthenticated attackers to inject scripts via the reflected XSS vector, with the exact exp...

7.1CVSS6.9AI score0.00412EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/14 10:17 p.m.29 views

CVE-2023-47517 WordPress SendPress Newsletters Plugin <= 1.23.11.6 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in SendPress Newsletters plugin = 1.23.11.6 versions...

7.1CVSS6.4AI score0.00412EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.5 views

WordPress Plugin SendPress Newsletters Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

7.1CVSS6AI score0.00412EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.5 views

PT-2023-30478 · WordPress · Sendpress Newsletters

Name of the Vulnerable Software and Affected Versions: SendPress Newsletters plugin versions = 1.23.11.6 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing...

7.1CVSS6.3AI score0.00412EPSS
Exploits0References4
Prion
Prion
added 2023/11/07 12:15 p.m.20 views

Cross site scripting

The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

4.9CVSS5.9AI score0.0067EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/11/07 11:31 a.m.19 views

CVE-2023-5660 SendPress Newsletters <= 1.22.3.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.8AI score0.0067EPSS
Exploits1References3
CVE
CVE
added 2023/11/07 11:31 a.m.36 views

CVE-2023-5660

CVE-2023-5660 affects the SendPress Newsletters WordPress plugin and enables Stored Cross-Site Scripting via shortcode attributes in all versions up to 1.22.3.31, with exploitation possible by authenticated contributors or higher. Technical details in connected sources confirm the shortcodes and ...

6.4CVSS5.2AI score0.0067EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/07 11:31 a.m.6 views

CVE-2023-5660

The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.7AI score0.0067EPSS
Exploits1References2
OSV
OSV
added 2023/11/07 11:31 a.m.14 views

CVE-2023-5660 SendPress Newsletters <= 1.22.3.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS6.8AI score0.0067EPSS
Exploits1References5
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.12 views

WordPress SendPress Newsletters Plugin <= 1.23.11.6 is vulnerable to Cross Site Scripting (XSS)

Software SendPress Newsletters Type Plugin Vulnerable versions = 1.23.11.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47517 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9cc0e2ff8594 Credits Le Ngoc A...

7.1CVSS5.6AI score0.00412EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.6 views

WordPress Plugin SendPress Newsletters Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.4CVSS6.6AI score0.0067EPSS
Exploits1References4
NVD
NVD
added 2023/10/10 8:15 a.m.19 views

CVE-2023-41730

Cross-Site Request Forgery CSRF vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

8.8CVSS5.8AI score0.00211EPSS
Exploits0References1
Prion
Prion
added 2023/10/10 8:15 a.m.22 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

6.8CVSS8.8AI score0.00211EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/10 7:47 a.m.24 views

CVE-2023-41730 WordPress SendPress Newsletters Plugin <= 1.22.3.31 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

4.3CVSS9.1AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2023/10/10 7:47 a.m.19 views

CVE-2023-41730 WordPress SendPress Newsletters Plugin <= 1.22.3.31 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

4.3CVSS7.2AI score0.00211EPSS
Exploits0References4
CVE
CVE
added 2023/10/10 7:47 a.m.35 views

CVE-2023-41730

CVE-2023-41730 is a CSRF vulnerability in the WordPress plugin SendPress Newsletters . Multiple sources confirm the issue affects versions listed as &lt;= 1.22.3.31 (and Patchstack references

8.8CVSS8.5AI score0.00211EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/10 7:47 a.m.13 views

CVE-2023-41730 WordPress SendPress Newsletters plugin <= 1.26.1.20 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in brewlabs SendPress Newsletters sendpress allows Cross Site Request Forgery.This issue affects SendPress Newsletters: from n/a through = 1.26.1.20...

4.3CVSS7.4AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.5 views

WordPress Plugin SendPress Newsletters Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS6.6AI score0.00211EPSS
Exploits0References2
Rows per page
Query Builder