3 matches found
CVE-2023-5001
The Horizontal scrolling announcement plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'horizontal-scrolling' shortcode in versions up to, and including, 9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Horizontal scrolling announcement Plugin <= 9.2 is vulnerable to Cross Site Scripting (XSS)
Software Horizontal scrolling announcement Type Plugin Vulnerable versions = 9.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5001 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9fe7afb4fe6f Credits Lana Codes...
CVE-2023-5001
CVE-2023-5001 concerns the WordPress plugin “Horizontal scrolling announcement.” The vulnerability is a Stored Cross-Site Scripting (XSS) flaw via the shortcode attribute horizontal-scrolling, affecting versions up to and including 9.2, caused by insufficient input sanitization and output escapin...