Vulnerabilities
Vulnerable Software
Designextreme:  Security Vulnerabilities
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-06-13
The We’re Open! WordPress plugin before 1.42 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVSS Score
4.8
EPSS Score
0.001
Published
2022-10-17


Contact Us

Shodan ® - All rights reserved