Untriaged
Permalink
CVE-2023-27415
5.9 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): HIGH
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress LetterPress Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themeqx LetterPress plugin <= 1.1.2 versions.
References
- https://patchstack.com/database/vulnerability/letterpress/wordpress-letterpress… vdb-entry
- https://patchstack.com/database/vulnerability/letterpress/wordpress-letterpress… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/letterpress/wordpress-letterpress… vdb-entry
- https://patchstack.com/database/vulnerability/letterpress/wordpress-letterpress… vdb-entry x_transferred
Affected products
letterpress
- =<1.1.2
Matching in nixpkgs
pkgs.letterpress
Create beautiful ASCII art
-
nixos-unstable -
- nixpkgs-unstable 2.1
Package maintainers
-
@michaelgrahamevans Michael Evans <michaelgrahamevans@gmail.com>
-
@dawidd6 Dawid Dziurla <dawidd0811@gmail.com>
-
@Aleksanaa Aleksana QwQ <me@aleksana.moe>
-
@getchoo Seth Flynn <getchoo@tuta.io>