3 matches found
WordPress Interact: Embed A Quiz On Your Site Plugin <= 3.0.7 is vulnerable to Cross Site Scripting (XSS)
Software Interact: Embed A Quiz On Your Site Type Plugin Vulnerable versions = 3.0.7 Fixed in 3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5659 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f6656776bbce Credits István...
CVE-2023-5659
CVE-2023-5659 : The WordPress plugin Interact: Embed A Quiz On Your Site is vulnerable to Stored XSS via the interact-quiz shortcode in all versions up to 3.0.7 due to insufficient input sanitization and output escaping on shortcode attributes. Exploitation requires at least contributor privilege...
CVE-2023-5659 Interact: Embed A Quiz On Your Site <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Interact: Embed A Quiz On Your Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'interact-quiz' shortcode in all versions up to, and including, 3.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...