Lucene search
WpvulndbWPVDB-ID:DF24C0E0-62B7-4A48-AAA5-AFDDBF917CE7HistoryOct 24, 2023 - 12:00 a.m.
LiteSpeed Cache < 5.7 - Contributor+ Stored XSS
2023-10-2400:00:00
wpscan.com
15
litespeed cache
contributor role
stored xss
Description The plugin does not escape the cache attribute of its esi shortcode before outputting it back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 5.7 |
Related
openvas
openvas
WordPress LiteSpeed Cache Plugin < 5.7 XSS Vulnerability
2023-10-25 00:00:00
osv
osv
CVE-2023-4372
2024-01-11 09:15:46
prion
prion
Cross site scripting
2024-01-11 09:15:00
packetstorm
packetstorm
WordPress LiteSpeed Cache 5.6 Cross Site Scripting
2023-10-24 00:00:00
cvelist
cvelist
CVE-2023-4372
2024-01-11 08:32:29
nvd
nvd
CVE-2023-4372
2024-01-11 09:15:46
wordfence
wordfence
cve
cve
CVE-2023-4372
2024-01-11 09:15:46
zdt
zdt
WordPress LiteSpeed Cache 5.6 Cross Site Scripting Vulnerability
2023-10-24 00:00:00
thn
thn
WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk
2024-02-27 14:43:00
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.2%
Related for WPVDB-ID:DF24C0E0-62B7-4A48-AAA5-AFDDBF917CE7