Search Results | AttackerKB

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2024-38723

Disclosure Date: July 22, 2024 (last updated August 15, 2024)

Server-Side Request Forgery (SSRF) vulnerability in Bernhard Kux JSON Content Importer.This issue affects JSON Content Importer: from n/a through 1.5.6.

Attacker Value

Unknown

CVE-2023-6268

Disclosure Date: December 26, 2023 (last updated January 04, 2024)

The JSON Content Importer WordPress plugin before 1.5.4 does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2023-25485

Disclosure Date: April 25, 2023 (last updated October 08, 2023)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bernhard Kux JSON Content Importer plugin <= 1.3.15 versions.

Attack Vector: Network Privileges: High User Interaction: Required

3 Total Results

Displaying 1-3 of 3

Unknown

CVE-2024-38723

Unknown

CVE-2023-6268

Unknown

CVE-2023-25485

Quick Cookie Notification