2 matches found
CVE-2023-4961
CVE-2023-4961 describes a Stored XSS in the WordPress plugin “Poptin” via the shortcodes shortcode_poptin-form for versions up to and including 1.3. The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, enabling authenticated attackers with contrib...
WordPress Poptin Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Software Poptin Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4961 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6ca61fb922bb Credits Lana Codes Required privilege...