2 matches found
CVE-2023-5669 Featured Image Caption <= 0.8.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Featured Image Caption plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and post meta in all versions up to, and including, 0.8.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5669
CVE-2023-5669 affects the Featured Image Caption plugin for WordPress. The vulnerability is a stored XSS via shortcode and post meta in all versions up to 0.8.10, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authentication at con...