4 matches found
CVE-2023-5210
The AMP+ Plus WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-5210
CVE-2023-5210 affects AMP+ Plus WordPress plugin version
CVE-2023-5210 AMP+ Plus <= 3.0 - Reflected Cross Site Scripting
The AMP+ Plus WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress AMP+ Plus Plugin <= 3.0 is vulnerable to Cross Site Scripting (XSS)
Software AMP+ Plus Type Plugin Vulnerable versions = 3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5210 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc153061411b Credits Nicolas Surribas Required...