3 matches found
CVE-2023-47815
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Venutius BP Profile Shortcodes Extra plugin = 2.5.2 versions...
CVE-2023-47815
CVE-2023-47815 affects the WordPress plugin BP Profile Shortcodes Extra (Venutius) up to version 2.5.2. The vulnerability is Cross-Site Scripting due to improper neutralization of input during web page generation. Patchstack and related sources indicate the fix is to upgrade to 2.5.3 or newer. Th...
WordPress BP Profile Shortcodes Extra Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS)
Software BP Profile Shortcodes Extra Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47815 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 426f08e56edb Credits Ngô Thiên An ancorn from...