2 matches found
CVE-2023-4779
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's uspgallery shortcode in versions up to, and including, 20230811 due to insufficient input sanitization and output escaping on user supplied attributes like 'before'. This makes it possible...
CVE-2023-4779
CVE-2023-4779 affects the WordPress plugin User Submitted Posts . The vulnerability is a stored XSS via the plugin’s [usp_gallery] shortcode, caused by insufficient input sanitization and output escaping on user-supplied attributes (e.g., ‘before’). Impact: authenticated attackers with contributo...