WordPress CodeKit – Custom Codes Editor Plugin < 2.3.6 is vulnerable to Cross Site Scripting (XSS)

Software CodeKit – Custom Codes Editor Type Plugin Vulnerable versions 2.3.6 Fixed in 2.3.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fe5c4dee3953 Credits Rafie Muhammad...

WordPress CodeKit – Custom Codes Editor plugin <= 2.2.9 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress CodeKit – Custom Codes Editor plugin versions = 2.2.9. Solution Update the WordPress CodeKit – Custom Codes Editor plugin to the latest available version at least 2.3...

WordPress CodeKit – Custom Codes Editor plugin <= 2.2.9 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress CodeKit – Custom Codes Editor plugin versions = 2.2.9. Solution Update the WordPress CodeKit – Custom Codes Editor plugin to the latest available version at least 2.3...