3 matches found
CVE-2023-0043
The Custom Add User WordPress plugin through 2.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Custom Add User Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)
Software Custom Add User Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0043 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c948921589af Credits Shreya Pohekar Required...
CVE-2023-0043 Custom Add User <= 2.0.2 - Reflected Cross-Site Scripting
The Custom Add User WordPress plugin through 2.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...