5 matches found
CVE-2023-3992
The PostX WordPress plugin before 3.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-3992
CVE-2023-3992 affects the PostX – Gutenberg Post Grid Blocks plugin for WordPress v3.0.6 and earlier. The issue is a Reflected Cross-Site Scripting (XSS) caused by insufficient sanitisation/escaping of a parameter before it is echoed on the page, potentially impacting high-privilege users such as...
CVE-2023-3992 PostX - Gutenberg Post Grid Blocks < 3.0.6 - Reflected Cross-Site Scripting
The PostX WordPress plugin before 3.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-3992 PostX - Gutenberg Post Grid Blocks < 3.0.6 - Reflected Cross-Site Scripting
The PostX WordPress plugin before 3.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress PostX Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Software PostX Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3992 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c90860a27d52 Credits Bob Matyas Required privileg...