3 matches found
CVE-2023-2169
CVE-2023-2169 affects TaxoPress (WordPress) via Stored XSS in Related Posts. The issue arises from insufficient input sanitization and output escaping, exploitable by authenticated attackers with Editor+ to inject scripts that run on pages viewed by users. Affected versions: up to 3.6.4. Patch/mi...
CVE-2023-2169 TaxoPress <= 3.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting
The TaxoPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Related Posts functionality in versions up to, and including, 3.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Editor+ permissions to...
WordPress TaxoPress Plugin < 3.6.5 is vulnerable to Cross Site Scripting (XSS)
Software TaxoPress Type Plugin Vulnerable versions 3.6.5 Fixed in 3.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2169 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 69efcb4014c3 Credits Ivan Kuzymchak Required privileg...