CVE-2023-3051
- EPSS 0.15%
- Veröffentlicht 03.06.2023 00:15:09
- Zuletzt bearbeitet 08.04.2026 17:16:58
The Page Builder by AZEXO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'azh_post' shortcode in versions up to, and including, 1.27.133 due to insufficient input sanitization and output escaping. This makes it possible for con...
CVE-2023-3052
- EPSS 0.2%
- Veröffentlicht 03.06.2023 00:15:09
- Zuletzt bearbeitet 08.04.2026 19:18:21
The Page Builder by AZEXO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.27.133. This is due to missing or incorrect nonce validation on the 'azh_add_post', 'azh_duplicate_post', 'azh_update_post'...
CVE-2023-3053
- EPSS 0.07%
- Veröffentlicht 03.06.2023 00:15:09
- Zuletzt bearbeitet 08.04.2026 19:18:21
The Page Builder by AZEXO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'azh_add_post' function in versions up to, and including, 1.27.133. This makes it possible for authenticated at...
CVE-2023-3055
- EPSS 0.09%
- Veröffentlicht 03.06.2023 00:15:09
- Zuletzt bearbeitet 08.04.2026 17:16:58
The Page Builder by AZEXO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.27.133. This is due to missing or incorrect nonce validation on the 'azh_save' function. This makes it possible for unauthe...