2 matches found
CVE-2023-49747
CVE-2023-49747 refers to a Stored XSS in the WordPress plugin Guest Author (WebFactory Ltd) up to version 2.3. The vulnerability arises from improper neutralization of input during web page generation (author name), enabling injected scripts when users view pages. Public reports from Red Hat and ...
WordPress Guest Author Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)
Software Guest Author Type Plugin Vulnerable versions = 2.3 Fixed in 2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49747 Patch priority Medium CVSS severity Medium 5.9 Developer WebFactory Ltd. PSID ddb592007f62 Credits emad Required privilege Author Publishe...