CVE-2023-2964

creationtimestamp| type| source ---|---|--- 2023-07-10 20:30:02+00:00| seen| https://t.me/cibsecurity/66275...

CVE-2023-2964

The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks...

CVE-2023-2964

The CVE-2023-2964 entry concerns the WordPress Simple Iframe plugin (vulnerable

CVE-2023-2964 Simple Iframe < 1.2.0 - Contributor+ Stored XSS

The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks...

WordPress Simple Iframe Plugin < 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Simple Iframe Type Plugin Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2964 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 0a6a1d288d08 Credits Jihoon Lee Required...