Lucene search
PRIOn knowledge basePRION:CVE-2023-5071HistoryOct 20, 2023 - 7:15 a.m.
Cross site scripting
2023-10-2007:15:00
PRIOn knowledge base
www.prio-n.com
2
wordpress
sitekit plugin
stored cross-site scripting
vulnerability
input sanitization
output escaping
authenticated attackers
web scripts
pages
nvd
0.001 Low
EPSS
Percentile
20.2%
The Sitekit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ‘sitekit_iframe’ shortcode in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Related
cve
cve
CVE-2023-5071
2023-10-20 07:15:17
cvelist
cvelist
CVE-2023-5071
2023-10-20 06:35:04
nvd
nvd
CVE-2023-5071
2023-10-20 07:15:17
wpvulndb
wpvulndb
Sitekit < 1.5 - Contributor+ Stored XSS
2023-10-20 00:00:00