Lucene search
WpvulndbWPVDB-ID:5690C8F7-A53C-48CF-9A21-628DE3AE6A97HistoryJan 12, 2024 - 12:00 a.m.
Infogram <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
2024-01-1200:00:00
wpscan.com
7
infogram
wordpress
cross-site scripting
stored
vulnerability
authentication
contributor-level access
Description The Infogram plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Related
cvelist
cvelist
prion
prion
Cross site scripting
2024-02-01 10:15:00
cve
cve
CVE-2023-52191
2024-02-01 10:15:09
vulnrichment
vulnrichment
nvd
nvd
CVE-2023-52191
2024-02-01 10:15:09
wordfence
wordfence
AI Score
5.5
Confidence
High
EPSS
0
Percentile
14.0%
Related for WPVDB-ID:5690C8F7-A53C-48CF-9A21-628DE3AE6A97