5 matches found
CVE-2023-4514
The Mmm Simple File List WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-4514
The Mmm Simple File List WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-4514 Mmm Simple File List <= 2.3 - Contributor+ Stored XSS
The Mmm Simple File List WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-4514
CVE-2023-4514 affects the Mmm Simple File List WordPress plugin (versions
WordPress Mmm Simple File List Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)
Software Mmm Simple File List Type Plugin Vulnerable versions = 2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4514 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2751f94a869f Credits Erwan LR WPScan Require...