4 matches found
CVE-2023-0333
The TemplatesNext ToolKit WordPress plugin before 3.2.9 does not validate some of its shortcode attributes before using them to generate an HTML tag, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0333 TemplatesNext ToolKit < 3.2.9 - Contributor+ Stored XSS
The TemplatesNext ToolKit WordPress plugin before 3.2.9 does not validate some of its shortcode attributes before using them to generate an HTML tag, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0333
The CVE-2023-0333 entry concerns the TemplatesNext ToolKit WordPress plugin prior to version 3.2.9. The issue is that the plugin does not validate some shortcode attributes before using them to generate HTML tags, enabling Stored Cross-Site Scripting (XSS) when an attacker with Contributor privil...
CVE-2023-0333 TemplatesNext ToolKit < 3.2.9 - Contributor+ Stored XSS
The TemplatesNext ToolKit WordPress plugin before 3.2.9 does not validate some of its shortcode attributes before using them to generate an HTML tag, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...