5 matches found
CVE-2023-4308
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2023-4308
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2023-4308
CVE-2023-4308 affects the WordPress plugin User Submitted Posts, with Stored Cross-Site Scripting via the user-submitted-content parameter in versions up to and including 20230809. The exploitation is unauthenticated and can cause arbitrary script execution when a user visits an injected page. Pu...
CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content'
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
WordPress User Submitted Posts Plugin <= 20230809 is vulnerable to Cross Site Scripting (XSS)
Software User Submitted Posts Type Plugin Vulnerable versions = 20230809 Fixed in 20230811 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4308 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7067f0962238 Credits NGÔ THI...