CVE-2023-5940 in WP Not Login Hide Plugininformação

Sumário

de MITRE • 11/12/2023

The WP Not Login Hide (WPNLH) WordPress plugin through 1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

02/11/2023

Divulgação

11/12/2023

Moderação

aceite

Entrada

VDB-245496

CPE

pronto

EPSS

0.00425

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!