Cross-Site Scripting vulnerabilities in Multiple WordPress Plugins
Common Information
Type Value
UUID dce04a50-f7a3-41df-9790-8d1fe6773ce4
Fingerprint a8c1611beb3e0816
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 12, 2023, 12:42 p.m.
Added to db Feb. 14, 2023, 3:33 p.m.
Last updated Dec. 24, 2024, 11:51 a.m.
Headline Cross-Site Scripting vulnerabilities in Multiple WordPress Plugins
Title Cross-Site Scripting vulnerabilities in Multiple WordPress Plugins
Detected Hints/Tags/Attributes 21/1/14
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 246 Tenable Research Advisories https://tenable.com/security/research/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 2
cve-2023-23491
Details CVE 2
cve-2023-23492
Details CVE 2
cve-2023-0448
Details Domain 202
wordpress.org
Details File 1
quick-event-manager.php
Details File 30
admin-ajax.php
Details File 1
login-with-phonenumber.php
Details File 2
class-mbwp-helper.php
Details Url 1
https://wordpress.org/plugins/quick-event-manager/affected
Details Url 1
https://wordpress.org/plugins/quick-event-manager
Details Url 1
http://target_host/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=
Details Url 1
http://target_host/wp-admin/admin-ajax.php?action=lwp_forgot_password&id=
Details Url 1
https://wordpress.org/plugins/wp-helper-lite
Details Url 1
http://target_host/wp-admin/admin-ajax.php?action=surveysubmit&aaa=xxx