cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-2399,https://securityvulnerability.io/vulnerability/CVE-2023-2399,qubotchat < 1.1.6 - Unauthenticated Stored XSS,"The QuBot WordPress plugin before 1.1.6 doesn't filter user input on chat, leading to bad code inserted on it be reflected on the user dashboard.",Wordpress,QuBot,6.1,MEDIUM,0.0007200000109151006,false,,false,false,false,,false,false,2023-06-19T11:15:00.000Z,0
CVE-2023-2401,https://securityvulnerability.io/vulnerability/CVE-2023-2401,Qubotchat < 1.1.6 – Admin+ Stored XSS,"The QuBot WordPress plugin before 1.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",Wordpress,Qubot,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2023-06-19T11:15:00.000Z,0