WordPress Advanced Floating Content Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Floating Content Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32723 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d833224f8b7e Credits Joshua Chan Required privile...

CVE-2022-43458

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Code Tides Advanced Floating Content plugin = 1.2.1 versions...

CVE-2022-43458

CVE-2022-43458 affects Code Tides Advanced Floating Content plugin (versions ≤ 1.2.1). The issue is a Cross-Site Scripting (XSS) vulnerability exploitable by users with contributor or higher permissions. Root cause details are not specified beyond the XSS exposure. Mitigation: update to a version...