3 matches found
CVE-2023-23808
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sergey Panasenko Sponsors Carousel plugin = 4.02 versions...
CVE-2023-23808
CVE-2023-23808 affects the WordPress Sponsors Carousel plugin for versions prior to or equal to 4.02. The issue is an Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Sponsors Carousel plugin, with the root cause described as stored XSS. The available sources indicate...
WordPress Sponsors Carousel Plugin <= 4.02 is vulnerable to Cross Site Scripting (XSS)
Software Sponsors Carousel Type Plugin Vulnerable versions = 4.02 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23808 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 268e027bdd31 Credits Rio Darmawan Required...