CVE-2023-2320

creationtimestamp| type| source ---|---|--- 2023-07-04 12:28:12+00:00| seen| https://t.me/cibsecurity/65923...

CVE-2023-2320

CVE-2023-2320 applies to CF7 Google Sheets Connector plugins for WordPress (standard and Pro) before 5.0.2. The issue is a failure to escape a parameter before echoing it into an attribute, causing a reflected XSS that could target admin-level users. Impact per sources: reflected cross-site scrip...

CVE-2023-2320 CF7 Google Sheets Connector < 5.0.2 - Reflected XSS

The CF7 Google Sheets Connector WordPress plugin before 5.0.2, cf7-google-sheets-connector-pro WordPress plugin through 5.0.2 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...

WordPress CF7 Google Sheets Connector Plugin < 5.0.2 is vulnerable to Cross Site Scripting (XSS)

Software CF7 Google Sheets Connector Type Plugin Vulnerable versions 5.0.2 Fixed in 5.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2320 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c57e1f2563da Credits Erwan LR...

WordPress CF7 Google Sheets Connector Pro Plugin <= 2.3.5 is vulnerable to Cross Site Scripting (XSS)

Software CF7 Google Sheets Connector Pro Type Plugin Vulnerable versions = 2.3.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2320 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2600f79af18c Credits Erwan LR...