3 matches found
CVE-2023-1891
CVE-2023-1891 affects the Accordion & FAQ WordPress plugin prior to 1.9.9. The vulnerability stems from not escaping generated URLs before outputting them in attributes when notices are displayed, enabling a Reflected Cross-Site Scripting (XSS) condition. Impact is described as reflected XSS, wit...
CVE-2023-1891 Accordion & FAQ < 1.9.9 - Reflected XSS
The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting...
WordPress Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Plugin < 1.9.9 is vulnerable to Cross Site Scripting (XSS)
Software Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Type Plugin Vulnerable versions 1.9.9 Fixed in 1.9.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1891 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID...