3 matches found
CVE-2023-5664
The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ggpkg' shortcode in all versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2023-5664
CVE-2023-5664 applies to Garden Gnome Package for WordPress. Stored XSS via the ggpkg shortcode affects all versions up to 2.2.8 due to insufficient input sanitization and output escaping on shortcode attributes. The vulnerability permits authenticated users with contributor-level permissions or ...
WordPress Garden Gnome Package Plugin <= 2.2.8 is vulnerable to Cross Site Scripting (XSS)
Software Garden Gnome Package Type Plugin Vulnerable versions = 2.2.8 Fixed in 2.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5664 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 790dcd0a5adc Credits Lana Codes Required...