Lucene search
K

67 matches found

Vulnrichment
Vulnrichment
added 2023/11/06 8:41 p.m.11 views

CVE-2023-4858 WP Simple Table Manager Plugin <= 1.5.6 - Admin+ Stored Cross-Site Scripting

The Simple Table Manager WordPress plugin through 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.00405EPSS
Exploits2References2
CVE
CVE
added 2023/11/06 8:41 p.m.61 views

CVE-2023-4858

The CVE-2023-4858 entry concerns WP Simple Table Manager (

4.8CVSS4.9AI score0.00405EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2023/11/06 12:0 a.m.5 views

WordPress Plugin WP Simple Table Manager Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

4.8CVSS6.1AI score0.00405EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2023/11/06 12:0 a.m.5 views

PT-2023-30862 · WordPress · Simple Table Manager

Name of the Vulnerable Software and Affected Versions: The Simple Table Manager WordPress plugin versions 1.5.6 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, f...

4.8CVSS5.3AI score0.00405EPSS
Exploits2References5
Patchstack
Patchstack
added 2023/10/18 12:0 a.m.12 views

WordPress WP Simple Table Manager Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Simple Table Manager Type Plugin Vulnerable versions = 1.5.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4858 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4aaeb214600f Credits niclo Required...

4.8CVSS5.7AI score0.00405EPSS
Exploits2References2Affected Software1
wpexploit
wpexploit
added 2023/10/16 12:0 a.m.173 views

WP Simple Table Manager Plugin <= 1.5.6 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Click Simple Table Manager then...

4.8CVSS5.5AI score0.00405EPSS
Exploits2References1
OSV
OSV
added 2023/03/29 8:15 p.m.2 views

CVE-2022-47602

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...

5.4CVSS5.8AI score0.00417EPSS
Exploits0References1
NVD
NVD
added 2023/03/29 8:15 p.m.24 views

CVE-2022-47602

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...

6.5CVSS5.8AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2023/03/29 7:24 p.m.37 views

CVE-2022-47602

CVE-2022-47602 affects the WordPress WP Table Manager plugin up to version 3.5.2. The issue is a stored XSS due to insufficient sanitization/escaping of parameters submitted by authenticated users with Contributor+ privileges. Exploitation requires user interaction. The vulnerability’s impact is ...

6.5CVSS5.3AI score0.00417EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/29 7:24 p.m.23 views

CVE-2022-47602 WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...

6.5CVSS6AI score0.00417EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/29 12:0 a.m.6 views

PT-2023-15425 · Joomunited · Wp Table Manager

Name of the Vulnerable Software and Affected Versions: JoomUnited WP Table Manager plugin versions prior to 3.5.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by contributors or users with higher privileges. There is no...

6.5CVSS5.1AI score0.00417EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/29 12:0 a.m.5 views

WordPress Plugin WP Table Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.5CVSS5.5AI score0.00417EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.9 views

WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Table Manager Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47602 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 400e13da24ca Credits Cat Required...

6.5CVSS5.7AI score0.00417EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.16 views

WP Table Manager < 3.5.3 - Contributor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...

6.5CVSS5.2AI score0.00417EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.24 views

WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Broken Access Control

Software WP Table Manager Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-47601 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID dd961e3e7567 Credits Cat Required privilege...

6.5AI score0.004EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/09/12 9:15 p.m.3 views

CVE-2022-38295

Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function...

6.1CVSS5.9AI score0.01048EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/09/12 9:15 p.m.4 views

CVE-2022-38295

Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function...

6.1CVSS5.9AI score0.01048EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.4 views

WordPress plugin WP Table Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

5.3CVSS5.5AI score0.004EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/31 10:15 p.m.5 views

CVE-2022-24266

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/tablemanager/ via the orderby parameter...

7.8CVSS7.2AI score0.06391EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/01/31 10:15 p.m.6 views

CVE-2022-24264

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/tablemanager/ via the searchword parameter...

7.8CVSS7.2AI score0.06711EPSS
Exploits1References4
Rows per page
Query Builder