cve/CVE-2023-6000.md at 02b2e6ec35cdb7986441d4aba09d9792f0abaf03

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

943 B

Raw Blame History

CVE-2023-6000

Description

The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.

POC

Reference

https://wpscan.com/blog/stored-xss-fixed-in-popup-builder-4-2-3/
https://wpscan.com/vulnerability/cdb3a8bd-4ee0-4ce0-9029-0490273bcfc8

Github

https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/rxerium/CVE-2023-6000
https://github.com/rxerium/stars

943 B Raw Blame History

CVE-2023-6000

Description

POC

Reference

Github

943 B

Raw Blame History