3 matches found
CVE-2023-2654 Conditional Menus < 1.2.1 - Reflected XSS
The Conditional Menus WordPress plugin before 1.2.1 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2654
CVE-2023-2654 concerns the Conditional Menus WordPress plugin prior to version 1.2.1. It allows a Reflected Cross-Site Scripting (XSS) due to not escaping a parameter before outputting it back in an HTML attribute. The description notes this could be exploited against high-privilege users such as...
CVE-2023-2654 Conditional Menus < 1.2.1 - Reflected XSS
The Conditional Menus WordPress plugin before 1.2.1 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...