Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:6EFFDD89-1129-431F-AAC3-E26FD503E160
HistoryJan 17, 2023 - 12:00 a.m.

teachPress < 8.1.9 - Reflected Cross-Site Scripting

2023-01-1700:00:00
wpscan.com
13
teachpress
version 8.1.9
cross-site scripting

EPSS

0.001

Percentile

31.2%

JSON

The plugin does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Related

cve 1
nvd 1
prion 1
cvelist 1
cve
cve
CVE-2023-22704
2023-03-23 12:15:13
nvd
nvd
CVE-2023-22704
2023-03-23 12:15:13
prion
prion
Cross site scripting
2023-03-23 12:15:00
cvelist
cvelist
CVE-2023-22704 WordPress teachPress Plugin <= 8.1.8 is vulnerable to Cross Site Scripting (XSS)
2023-03-23 11:40:19

EPSS

0.001

Percentile

31.2%

JSON
Related for WPVDB-ID:6EFFDD89-1129-431F-AAC3-E26FD503E160
cve1nvd1prion1cvelist1