3 matches found
CVE-2023-1661 Display post meta, term meta, comment meta, and user meta <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Display post meta, term meta, comment meta, and user meta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post metadata in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2023-1661
CVE-2023-1661 affects the WordPress plugin Display post meta, term meta, comment meta, and user meta . It is a stored Cross-Site Scripting (XSS) vulnerability caused by insufficient input sanitization and output escaping in post metadata handling for versions up to and including 0.4.1. The issue ...
WordPress Display post meta, term meta, comment meta, and user meta Plugin <= 0.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Display post meta, term meta, comment meta, and user meta Type Plugin Vulnerable versions = 0.4.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1661 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID...