3 matches found
CVE-2023-0282
The YourChannel WordPress plugin before 1.2.2 does not sanitize and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks...
CVE-2023-0282
The CVE-2023-0282 entry concerns the YourChannel WordPress plugin prior to version 1.2.2, where not sanitizing/escaping certain parameters enables Cross-Site Scripting by users with Subscriber privileges. The vulnerability affects the plugin before 1.2.2 and can be mitigated by upgrading to versi...
WordPress YourChannel: Everything you want in a YouTube Plugin < 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software YourChannel: Everything you want in a YouTube Type Plugin Vulnerable versions 1.2.2 Fixed in 1.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0282 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID bf43a58f39a3...