4 matches found
CVE-2023-23702
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...
CVE-2023-23702 WordPress Comments Ratings Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...
CVE-2023-23702
CVE-2023-23702 is a stored XSS vulnerability in the Pixelgrade Comments Ratings WordPress plugin (versions ≤ 1.1.7) exploitable by users with admin+ privileges. The issue permits injection of malicious scripts via the plugin’s input surface and is rated medium by CVSS (base 4.8–4.9 in sources). P...
WordPress Comments Ratings Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Software Comments Ratings Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23702 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7f7df4a9e3a3 Credits yuyudhn Required privile...