2 matches found
CVE-2023-5741
CVE-2023-5741 corresponds to the Powr Pack plugin for WordPress (Powr Pack) vulnerability via the plugin shortcode powr-pack. The issue is a Stored XSS caused by insufficient input sanitization and output escaping on user-supplied shortcode attributes, exposing authenticated attackers with contri...
CVE-2023-5741
The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'powr-powr-pack' shortcode in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...