4 matches found
CVE-2023-23833
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Steven Henty Drop Shadow Boxes plugin = 1.7.10 versions...
CVE-2023-23833
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Steven Henty Drop Shadow Boxes plugin = 1.7.10 versions...
CVE-2023-23833
CVE-2023-23833 describes an authenticated Cross-Site Scripting (XSS) vulnerability in the WordPress Drop Shadow Boxes plugin, affecting versions ≤ 1.7.10. The issue stems from improper escaping of input parameters, enabling a contributor-or-higher user to inject scripts into a site. Reported impa...
WordPress Drop Shadow Boxes Plugin <= 1.7.10 is vulnerable to Cross Site Scripting (XSS)
Software Drop Shadow Boxes Type Plugin Vulnerable versions = 1.7.10 Fixed in 1.7.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23833 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a337a4af3925 Credits István Márton...