Lucene search
WpvulndbWPVDB-ID:742B2D52-6438-4E76-8D35-D2E08EB88734HistoryOct 24, 2023 - 12:00 a.m.
Maileon < 2.16.1 - Admin+ Stored XSS
2023-10-2400:00:00
wpscan.com
2
security
plugin
vulnerability
xss
admin
parameters
unfiltered_html
multisite
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 2.16.1 |
Related
prion
prion
Cross site scripting
2023-10-25 18:17:00
cvelist
cvelist
nvd
nvd
CVE-2023-46068
2023-10-25 18:17:35
cve
cve
CVE-2023-46068
2023-10-25 18:17:35
wordfence
wordfence
5.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.2%
Related for WPVDB-ID:742B2D52-6438-4E76-8D35-D2E08EB88734