CVE-2023-45062

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Thomas Scholl canvasio3D Light plugin = 2.4.6 versions...

WordPress canvasio3D Light Plugin <= 2.5.0 is vulnerable to Broken Access Control

Software canvasio3D Light Type Plugin Vulnerable versions = 2.5.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-48776 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID c7a418353e30 Credits Abdi Pranata Required...

CVE-2023-45062 WordPress Download canvasio3D Light Plugin <= 2.4.6 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Thomas Scholl canvasio3D Light plugin = 2.4.6 versions...

CVE-2023-45062

CVE-2023-45062 affects the WordPress plugin canvasio3D Light. The vulnerability is an unauthenticated, reflected Cross-Site Scripting (XSS) in canvasio3D Light, with vulnerable versions reported as &lt;= 2.4.6. The root cause is inadequate sanitization/escaping of input parameters before output, ...