2 matches found
CVE-2023-5295
CVE-2023-5295 affects the WordPress plugin Blog Filter (up to version 1.4). Root cause: insufficient input sanitization and output escaping on user-supplied attributes in the vivafbcomment shortcode, allowing stored Cross-Site Scripting. Exploitation requires at least contributor-level authentica...
WordPress Comments by Startbit Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)
Software Comments by Startbit Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5295 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 790370410166 Credits István Márton Required...