CVE-2023-4270

The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-4270

The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-4270

The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

Cross site scripting

The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-4270

The vulnerability CVE-2023-4270 affects the Min Max Control WordPress plugin for versions before 4.6. It arises from inadequate sanitisation/escaping of a parameter, resulting in a Reflected Cross-Site Scripting (XSS) that could affect high-privilege users (e.g., admins). The issue is exploitable...

CVE-2023-4270 Min Max Control < 4.6 - Reflected XSS

The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress plugin Min Max Control cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

PT-2023-28520 · WordPress · Min Max Control

Name of the Vulnerable Software and Affected Versions: Min Max Control WordPress plugin versions prior to 4.6 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the page...

WordPress Min Max Control Plugin < 4.6 is vulnerable to Cross Site Scripting (XSS)

Software Min Max Control Type Plugin Vulnerable versions 4.6 Fixed in 4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4270 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f355d50b63c9 Credits Animesh Gaurav Required...

Min Max Control < 4.6 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. alert1'...