3 matches found
CVE-2023-2488
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape various parameters before outputting them back in admin dashboard pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as ad...
CVE-2023-2488 Stop Spammers Security < 2023 - Reflected XSS
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape various parameters before outputting them back in admin dashboard pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as ad...
CVE-2023-2488
The CVE refers to the WordPress plugin Stop Spammers Security | Block Spam Users, Comments, Forms, with versions prior to 2023 vulnerable to a Reflected XSS due to insufficient sanitisation/escaping of parameters when rendering admin dashboard pages. The impact targets high-privilege users (e.g.,...