cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-4602,https://securityvulnerability.io/vulnerability/CVE-2023-4602,Reflected Cross-Site Scripting in Namaste! LMS Plugin by WordPress,"The Namaste! LMS plugin for WordPress contains a vulnerability that allows for Reflected Cross-Site Scripting through the 'course_id' parameter. Due to inadequate input sanitization and output escaping mechanisms in versions up to 2.6.1.1, attackers can exploit this flaw to inject malicious scripts into web pages. This can occur when a user interacts with a compromised link, potentially leading to unauthorized actions and exposure of sensitive data.",Wordpress,Namaste! LMS,6.1,MEDIUM,0.0012199999764561653,false,,false,false,false,,false,false,2023-11-15T13:15:00.000Z,0
CVE-2023-0844,https://securityvulnerability.io/vulnerability/CVE-2023-0844,Namaste! LMS < 2.6 - Admin+ Stored XSS,"The Namaste! LMS WordPress plugin before 2.6 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",Wordpress,Namaste! LMS,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2023-03-13T17:15:00.000Z,0
CVE-2023-0548,https://securityvulnerability.io/vulnerability/CVE-2023-0548,Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS,"The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",Wordpress,Namaste! LMS,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2023-02-27T16:15:00.000Z,0