5 matches found
CVE-2023-4270
The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-4270
creationtimestamp| type| source ---|---|--- 2023-09-12 00:26:22+00:00| seen| https://t.me/cibsecurity/70239 2025-05-02 17:16:32+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14530...
CVE-2023-4270
The vulnerability CVE-2023-4270 affects the Min Max Control WordPress plugin for versions before 4.6. It arises from inadequate sanitisation/escaping of a parameter, resulting in a Reflected Cross-Site Scripting (XSS) that could affect high-privilege users (e.g., admins). The issue is exploitable...
CVE-2023-4270 Min Max Control < 4.6 - Reflected XSS
The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Min Max Control Plugin < 4.6 is vulnerable to Cross Site Scripting (XSS)
Software Min Max Control Type Plugin Vulnerable versions 4.6 Fixed in 4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4270 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f355d50b63c9 Credits Animesh Gaurav Required...