4 matches found
CVE-2023-52178
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MojofyWP WP Affiliate Disclosure allows Stored XSS.This issue affects WP Affiliate Disclosure: from n/a through 1.2.7...
CVE-2023-52178
creationtimestamp| type| source ---|---|--- 2024-01-05 09:21:51+00:00| seen| https://t.me/ctinow/163437 2024-01-24 09:41:37+00:00| seen| https://t.me/ctinow/172616...
CVE-2023-52178
CVE-2023-52178 affects the WP Affiliate Disclosure plugin for WordPress. Vulnerable in versions up to 1.2.7, it allows an authenticated Contributor+ to trigger a stored XSS via the $id parameter in the plugin’s stored content. Public references in the provided documents confirm the vulnerability ...
WordPress WP Affiliate Disclosure Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software WP Affiliate Disclosure Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-52178 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 308ee33f0ea5 Credits resecured.io Required privileg...