4 matches found
CVE-2023-23723
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Winwar Media WP Email Capture plugin = 3.9.3 versions...
CVE-2023-23723
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Winwar Media WP Email Capture plugin = 3.9.3 versions...
CVE-2023-23723 WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.9.3 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Winwar Media WP Email Capture plugin = 3.9.3 versions...
CVE-2023-23723
CVE-2023-23723 describes a stored XSS vulnerability in the WordPress plugin “WP Email Capture” by Winwar Media, affecting versions up to 3.9.3. The underlying issue is insufficient sanitization/escaping of certain settings, enabling an attacker with administrator privileges to trigger stored cros...