Untriaged
Permalink
CVE-2023-26008
5.9 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): HIGH
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress Top 10 Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay D'Souza Top 10 – Popular posts plugin for WordPress plugin <= 3.2.4 versions.
References
- https://patchstack.com/database/vulnerability/top-10/wordpress-top-10-plugin-3-… vdb-entry
- https://patchstack.com/database/vulnerability/top-10/wordpress-top-10-plugin-3-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/top-10/wordpress-top-10-plugin-3-… vdb-entry
- https://patchstack.com/database/vulnerability/top-10/wordpress-top-10-plugin-3-… vdb-entry x_transferred
Affected products
top-10
- =<3.2.4
Matching in nixpkgs
pkgs.budgie-desktop
Feature-rich, modern desktop designed to keep out the way of the user
-
nixos-unstable -
- nixpkgs-unstable 10.9.2
pkgs.gnomeExtensions.serenity-desktop
A Per-Monitor-Workspace window manager designed for productive use. It offers two main features:
-
nixos-unstable -
- nixpkgs-unstable 10
Package maintainers
-
@bobby285271 Bobby Rong <rjl931189261@126.com>
-
@getchoo Seth Flynn <getchoo@tuta.io>
-
@honnip Jung seungwoo <me@honnip.page>