Skip to main content

Highlight

2 CVEs product

Monthly

CVE-2023-33187 npm MEDIUM PATCH This Month

Highlight is an open source, full-stack monitoring platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Highlight
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2021-24591 MEDIUM POC This Month

The Highlight WordPress plugin before 0.9.3 does not sanitise its CustomCSS setting, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Highlight
NVD WPScan
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Highlight is an open source, full-stack monitoring platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Highlight
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Highlight WordPress plugin before 0.9.3 does not sanitise its CustomCSS setting, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Highlight
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy