2 matches found
CVE-2023-2399 qubotchat < 1.1.6 - Unauthenticated Stored XSS
The QuBot WordPress plugin before 1.1.6 doesn't filter user input on chat, leading to bad code inserted on it be reflected on the user dashboard...
WordPress QuBotChat Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)
Software QuBotChat Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2399 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 9f1b3d64b154 Credits Rafael B. Required privilege...