CVE-2023-23728

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...

CVE-2023-23728

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...

CVE-2023-23728 WordPress WP Flipclock Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...

CVE-2023-23728

CVE-2023-23728 affects WordPress WP Flipclock plugin up to version 1.7.4. The root cause is insufficient sanitization/escaping in parameters, enabling a stored XSS that can be triggered by users with Contributor privileges (and higher). Remediation: update to version 1.8 or apply vendor fixes. Ex...