Lucene search
K

4 matches found

NVD
NVD
added 11 hours ago6 views

CVE-2026-15298

The TelSender plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting in all versions up to, and including, 1.14.14. This is due to insufficient input sanitization when processing Telegram API responses containing attacker-controlled chat titles. This makes it possible for...

7.2CVSS
Exploits0References8
Cvelist
Cvelist
added 2024/12/13 2:24 p.m.13 views

CVE-2023-41683 WordPress TelSender plugin <= 1.14.11 - Broken Access Control + CSRF vulnerability

Missing Authorization vulnerability in Pechenki TelSender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TelSender: from n/a through 1.14.11...

5.4CVSS0.00461EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.6 views

WordPress plugin TelSender 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS8.6AI score0.00461EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/09/04 12:0 a.m.8 views

WordPress TelSender Plugin <= 1.14.11 is vulnerable to Broken Access Control

Software TelSender Type Plugin Vulnerable versions = 1.14.11 Fixed in 1.14.12 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-41683 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 00112e7933e5 Credits Abdi Pranata Required privilege...

6.6AI score0.00461EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder