3 matches found
CVE-2023-23677 WordPress GTmetrix for WordPress Plugin <= 0.4.5 is vulnerable to Cross Site Scripting (XSS)
Reflected Cross-Site Scripting XSS vulnerability in GTmetrix GTmetrix for WordPress plugin = 0.4.5 versions...
CVE-2023-23677
The CVE-2023-23677 entry concerns GTmetrix for WordPress, a WordPress plugin affected in versions up to 0.4.5. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw triggered via the url parameter, linked to the plugin’s handling of user-supplied input. The issue has a PatchStack note ...
WordPress GTmetrix for WordPress Plugin <= 0.4.5 is vulnerable to Cross Site Scripting (XSS)
Software GTmetrix for WordPress Type Plugin Vulnerable versions = 0.4.5 Fixed in 0.4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23677 Patch priority Low CVSS severity Low 3.8 Developer Claim ownership PSID 3d02e527ffaa Credits Nguyen Xuan Chie...