3 matches found
WordPress WPCode - Insert Headers and Footers Plugin < 2.0.13.1 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpcode:wpcode"; ifdescription...
CVE-2023-3524
The CVE-2023-3524 entry corresponds to the WPCode WordPress plugin vulnerability: versions prior to 2.0.13.1 fail to escape generated URLs before output in HTML attributes, enabling Reflected XSS. Affected component is the WPCode plugin for WordPress; root cause is improper escaping of URL values...
WordPress WPCode Plugin < 2.0.13.1 is vulnerable to Cross Site Scripting (XSS)
Software WPCode Type Plugin Vulnerable versions 2.0.13.1 Fixed in 2.0.13.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3524 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ef32523fa659 Credits Erwan LR WPScan Require...