4 matches found
CVE-2023-2026
The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-2026 Image Protector <= 1.1 - Admin+ Stored Cross-Site Scripting
The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-2026
CVE-2023-2026 affects the Image Protector WordPress plugin (
WordPress Defa Online Image Protector Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software Defa Online Image Protector Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2026 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 01e5a8f2cad7 Credits Shreya Pohekar...