Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-0644

Опубликовано: 15 мая 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 6.1

Описание

The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

РелизСтатусПримечание
bionic

not-affected

windows-specific
devel

not-affected

windows-specific
esm-infra-legacy/trusty

not-affected

windows-specific
esm-infra/bionic

not-affected

windows-specific
esm-infra/focal

not-affected

windows-specific
esm-infra/xenial

not-affected

windows-specific
focal

not-affected

windows-specific
jammy

not-affected

windows-specific
kinetic

not-affected

windows-specific
lunar

not-affected

windows-specific

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%
0.00253
Низкий

6.1 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2023-0644

CVSS3: 6.1
nvd
больше 2 лет назад

The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

github логотип

GHSA-8pvr-vj93-gj3v

CVSS3: 6.1
github
больше 2 лет назад

The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

EPSS

Процентиль: 48%
0.00253
Низкий

6.1 Medium

CVSS3