2 matches found
CVE-2023-2304
CVE-2023-2304 concerns the WordPress plugin Favorites , where a Stored Cross-Site Scripting (XSS) flaw exists in the shortcodes handling of the parameter asset, specifically the user_favorites shortcode. The vulnerability arises from insufficient input sanitization and output escaping on user-sup...
WordPress Favorites Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Favorites Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2304 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 4168c34106e7 Credits Lana Codes Required...