3 matches found
CVE-2023-4283
The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'embedpresscalendar' shortcode in versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
CVE-2023-4283
The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'embedpresscalendar' shortcode in versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
WordPress EmbedPress Plugin <= 3.8.2 is vulnerable to Cross Site Scripting (XSS)
Software EmbedPress Type Plugin Vulnerable versions = 3.8.2 Fixed in 3.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4283 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a24f75e878c8 Credits Lana Codes Required privilege...