3 matches found
CVE-2023-5774
The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
CVE-2023-5774
CVE-2023-5774 affects the WordPress plugin Animated Counters (versions ≤ 1.7). The vulnerability is a stored XSS via shortcode attributes caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at Contributor level or higher , and an attacker can ...
WordPress Animated Counters Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)
Software Animated Counters Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5774 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cc65954492ea Credits Dmitrii Ignatyev Required...