2 matches found
CVE-2023-3369 About Me 3000 widget <= 2.2.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
The About Me 3000 widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...
CVE-2023-3369
CVE-2023-3369 refers to the About Me 3000 widget for WordPress. A Stored Cross-Site Scripting (XSS) flaw exists in admin settings for versions up to and including 2.2.6 due to insufficient input sanitization and output escaping. Impact is limited to authenticated attackers with administrator-leve...