Lucene search
WpvulndbWPVDB-ID:9FB00855-4374-4F04-9A3D-4D6FDBC4DF7EHistorySep 07, 2023 - 12:00 a.m.
Simple Membership < 4.3.6 - Reflected XSS
2023-09-0700:00:00
wpscan.com
2
plugin
sanitisation
escape
parameter
cross-site scripting
high privilege users
admin
vulnerability
Description The plugin does not sanitise and escape the list_type parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 4.3.6 |
Related
prion
prion
Cross site scripting
2023-09-06 02:15:00
cve
cve
CVE-2023-4719
2023-09-06 02:15:09
nvd
nvd
CVE-2023-4719
2023-09-06 02:15:09
cvelist
cvelist
CVE-2023-4719
2023-09-06 01:52:45
wordfence
wordfence
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.7%
Related for WPVDB-ID:9FB00855-4374-4F04-9A3D-4D6FDBC4DF7E