4 matches found
CVE-2023-5432
The Jquery news ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jquery-news-ticker' shortcode in versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2023-5432
creationtimestamp| type| source ---|---|--- 2024-01-12 10:06:49+00:00| seen| https://t.me/ctinow/167175...
CVE-2023-5432
The CVE-2023-5432 entry concerns the WordPress plugin Jquery news ticker. Affected software: the Jquery news ticker plugin for WordPress (versions up to and including 3.1). Vulnerability: Stored Cross-Site Scripting via the jquery-news-ticker shortcode resulting from insufficient input sanitizati...
WordPress Jquery news ticker Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Software Jquery news ticker Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5432 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4f07a499a4a8 Credits István Márton Required...