cve/CVE-2023-6000.md at 992ed5df2f87026aeddf10638eaf95d3582228f9

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

943 B

Raw Blame History

CVE-2023-6000

Description

The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.

POC

Reference

https://wpscan.com/blog/stored-xss-fixed-in-popup-builder-4-2-3/
https://wpscan.com/vulnerability/cdb3a8bd-4ee0-4ce0-9029-0490273bcfc8

Github

https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/rxerium/CVE-2023-6000
https://github.com/rxerium/stars

943 B Raw Blame History

CVE-2023-6000

Description

POC

Reference

Github

943 B

Raw Blame History