Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-0175

Опубликовано: 20 мар. 2023
Источник: nvd
CVSS3: 5.4
EPSS Низкий

Описание

The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.0:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.6:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.7:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.0.9:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.0:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.6:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.7:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:accesspressthemes:smart_logo_showcase_lite:1.1.9:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 34%
0.00138
Низкий

5.4 Medium

CVSS3

Дефекты

Связанные уязвимости

github логотип

GHSA-xj23-999w-7m54

CVSS3: 5.4
github
почти 3 года назад

The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

EPSS

Процентиль: 34%
0.00138
Низкий

5.4 Medium

CVSS3

Дефекты