22 matches found
WordPress Multi-column Tag Map Plugin <= 17.0.24 is vulnerable to Cross Site Scripting (XSS)
Software Multi-column Tag Map Type Plugin Vulnerable versions = 17.0.24 Fixed in 17.0.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23815 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c91cbb10a1f3 Credits István Márton...
Multi-column Tag Map < 17.0.25 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...