2 matches found
CVE-2023-4890
CVE-2023-4890 affects the JQuery Accordion Menu Widget for WordPress (WordPress plugin) up to version 3.1.2, enabling Stored XSS via the dcwp-jquery-accordion shortcode. The vulnerability arises from insufficient input sanitization and output escaping of user-supplied attributes. Exploitation req...
WordPress JQuery Accordion Menu Widget Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)
Software JQuery Accordion Menu Widget Type Plugin Vulnerable versions = 3.1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4890 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4715a521c168 Credits Lana Codes...