2 matches found
CVE-2023-49767
CVE-2023-49767 affects WordPress plugin Biteship (Ongkos Kirim Kurir Instant, Reguler, Kargo). A Stored XSS vulnerability exists in versions up to 2.2.24 (patched in 2.2.28). Exploitation requires authenticated access by Shop Manager or higher, enabling stored script execution via plugin settings...
WordPress Biteship Plugin <= 2.2.27 is vulnerable to Cross Site Scripting (XSS)
Software Biteship Type Plugin Vulnerable versions = 2.2.27 Fixed in 2.2.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49767 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 9051a07a1e48 Credits Luqman Hakim Y Required privilege Sho...