4 matches found
CVE-2023-5942
creationtimestamp| type| source ---|---|--- 2023-12-17 09:06:41+00:00| seen| https://t.me/ctinow/155547...
CVE-2023-5942
The Medialist WordPress plugin before 1.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-5942 Medialist < 1.4.1 - Contributor+ Stored XSS
The Medialist WordPress plugin before 1.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-5942
The CVE-2023-5942 entry corresponds to the Medialist WordPress plugin prior to 1.4.1. The vulnerability is due to not validating/escaping certain shortcode attributes before output, enabling a stored XSS when the shortcode is embedded in a page or post. Impact is described for users with the cont...