6 matches found
CVE-2023-7084
creationtimestamp| type| source ---|---|--- 2024-02-02 21:16:42+00:00| seen| https://t.me/ctinow/178270 2025-06-20 17:46:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19011...
CVE-2023-7084
The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks...
CVE-2023-7084 Voting Record <= 2.0 - Subscriber+ Stored XSS
The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks...
CVE-2023-7084 Voting Record <= 2.0 - Subscriber+ Stored XSS
The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks...
CVE-2023-7084
CVE-2023-7084 affects the Voting Record WordPress plugin up to version 2.0. It enables Stored XSS via authenticated users (e.g., subscribers) due to missing sanitisation and escaping in the voting data handling. The Wordfence Intelligence entry notes an unpatched status for this vulnerability, an...
WordPress Voting Record Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)
Software Voting Record Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7084 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 4244145376c3 Credits Daniel Ruf Required...