Vulnerabilities > Lesterchan

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2021-25117	Cross-Site Request Forgery (CSRF) vulnerability in Lesterchan Wp-Postratings The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). network low complexity lesterchan CWE-352	4.8
2023-11-27	CVE-2023-5560	Cross-site Scripting vulnerability in Lesterchan Wp-Useronline The WP-UserOnline WordPress plugin before 2.88.3 does not sanitise and escape the X-Forwarded-For header before outputting its content on the page, which allows unauthenticated users to perform Cross-Site Scripting attacks. network low complexity lesterchan CWE-79	6.1
2023-08-14	CVE-2023-3721	Cross-site Scripting vulnerability in Lesterchan Wp-Email The WP-EMail WordPress plugin before 2.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) network low complexity lesterchan CWE-79	4.8

Vulnerabilities > Lesterchan {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Lesterchan"}]}