6 matches found
CVE-2023-0365
The React Webcam WordPress plugin through 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0365
The React Webcam WordPress plugin through 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0365 React Webcam <= 1.2.0 - Contributor+ Stored XSS
The React Webcam WordPress plugin through 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0365 React Webcam <= 1.2.0 - Contributor+ Stored XSS
The React Webcam WordPress plugin through 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0365
The CVE-2023-0365 entry concerns the React Webcam WordPress plugin (versions
WordPress React Webcam Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)
Software React Webcam Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0365 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID cf5bf1433f54 Credits Lana Codes Required...