CVE-2023-5561 (wordpress) | allinfosecnews.com

Oct. 16, 2023, 8:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

The Popup Builder WordPress plugin through 4.1.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

admin attacks builder cross-site cve escape high plugin popup privilege scripting settings wordpress wordpress plugin

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Director, Cyber Risk

@ Kroll | South Africa

View on infosec-jobs.com

Security Engineer, XRM

@ Meta | New York City

View on infosec-jobs.com

Security Analyst 3

@ Oracle | Romania

View on infosec-jobs.com

Internship - Cyber Security Operations

@ SES | Betzdorf, LU

View on infosec-jobs.com

Principal Product Manager (Network/Security Management) - NetSec

@ Palo Alto Networks | Bengaluru, India

View on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany

View on infosec-jobs.com