3 matches found
CVE-2023-5615 Skype Legacy Buttons <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Skype Legacy Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skype-status' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5615
CVE-2023-5615 affects the WordPress plugin Skype Legacy Buttons (versions
WordPress Skype Legacy Buttons Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Software Skype Legacy Buttons Type Plugin Vulnerable versions = 3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5615 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4c9dad501ca8 Credits Lana Codes Required...