Lucene search
WpvulndbWPVDB-ID:213E4594-A661-47EF-8C19-BD7E57F0B42DHistoryAug 17, 2023 - 12:00 a.m.
Cab Grid < 1.6 - Admin+ Stored XSS
2023-08-1700:00:00
wpscan.com
13
plugin
validation
escape
parameters
admin role
stored xss
unfiltered_html
capability
multisite
EPSS
0.001
Percentile
18.3%
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Related
cvelist
cvelist
prion
prion
Cross site scripting
2023-08-17 09:15:00
nvd
nvd
CVE-2023-28533
2023-08-17 09:15:10
cve
cve
CVE-2023-28533
2023-08-17 09:15:10
vulnrichment
vulnrichment
wordfence
wordfence