CVE-2023-46628

Missing Authorization vulnerability in RedLettuce Plugins WP Word Count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Word Count: from n/a through 3.2.4...

WordPress plugin WP Word Count 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress WP Word Count Plugin <= 3.2.4 is vulnerable to Broken Access Control

Software WP Word Count Type Plugin Vulnerable versions = 3.2.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-46628 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID becf99c528fe Credits Abdi Pranata Required privilege...

CVE-2022-3408

The WP Word Count WordPress plugin through 3.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

WordPress plugin WP Word Count 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress WP Word Count plugin <= 3.2.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by lucy in the WordPress WP Word Count plugin versions = 3.2.3. Solution Deactivate and delete. This plugin has been closed as of October 6, 2022 and is not available for download. This closure is temporary, pending a full...