{"id":"CVE-2023-41655","details":"Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin \u003c= 2.5.9 versions.","modified":"2026-04-10T05:03:04.046775Z","published":"2023-09-29T14:15:10.273Z","references":[{"type":"ADVISORY","url":"https://patchstack.com/database/vulnerability/authldap/wordpress-authldap-plugin-2-5-8-cross-site-scripting-xss-vulnerability?_s_id=cve"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/heiglandreas/authldap","events":[{"introduced":"0"},{"last_affected":"a8fc56c65eb1c50fbefbb2f454b08508e2d75912"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.5.9"}]}}],"versions":["1.3.1","1.4.0","1.4.1","1.4.14","1.4.15","1.4.16","1.4.17","1.4.19","1.4.2","1.4.20","1.4.21","1.4.3","1.4.4","1.4.5","1.4.6","1.4.7","1.4.8","1.4.9","1.5.0","2.0.0","2.3.0","2.3.1","2.4.0","2.4.1","2.4.10","2.4.11","2.4.2","2.4.3","2.4.4","2.4.5","2.4.6","2.4.7","2.4.8","2.4.9","2.5.0","2.5.1","2.5.2","2.5.3","2.5.3-RC1","2.5.3-RC2","2.5.3-RC3","2.5.4","2.5.4-RC1","2.5.5","2.5.6","2.5.7","2.5.8","2.5.9","v1.3.0","v1.4.10","v1.4.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41655.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}