wpvulndb | WPVDB-ID:9345821F-0DDC-4F31-9ED4-3AC4C79BCBF6
History: Nov 16, 2023 - 12:00 a.m.

ImageMapper <= 1.2.6 - Stored XSS via CSRF

2023-11-16 00:00:00
wpscan.com
stored xss
csrf
csrf attack
arbitrary post titles
imgmap_save_area_title
logged in admins
security vulnerability

AI Score: 8.4 High (Confidence: High)

EPSS: 0.001 Low (Percentile: 20.8%)

Description: The plugin does not have a CSRF check in its imgmap_save_area_title function, which could allow attackers to make logged-in admins update arbitrary post titles with XSS payloads via a CSRF attack.
