4 matches found
CVE-2023-2122 Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary...
CVE-2023-2122 Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary...
CVE-2023-2122
The CVE-2023-2122 entry concerns the Image Optimizer by 10web WordPress plugin (versions up to 1.0.26). It is vulnerable to a reflected XSS via the iowd_tabs_active parameter, which is sanitized/escaped insufficiently before rendering in the plugin admin panel. Impact is that an attacker could lu...
WordPress Image Optimizer by 10web Plugin < 1.0.27 is vulnerable to Cross Site Scripting (XSS)
Software Image Optimizer by 10web Type Plugin Vulnerable versions 1.0.27 Fixed in 1.0.27 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2122 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b135df868a4f Credits Phạm Ngọc Khá...