Search Results | AttackerKB

Show filters

Topics 14 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

14 Total Results

Displaying 11-14 of 14

Attacker Value

Unknown

CVE-2023-23889

Disclosure Date: April 25, 2023 (last updated October 08, 2023)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-25713

Disclosure Date: April 07, 2023 (last updated November 08, 2023)

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-25702

Disclosure Date: April 07, 2023 (last updated November 08, 2023)

Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-0275

Disclosure Date: February 13, 2023 (last updated October 08, 2023)

The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Attack Vector: Network Privileges: Low User Interaction: Required

0