6 matches found
CVE-2023-5943
The Wp-Adv-Quiz WordPress plugin before 1.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
WordPress Wp-Adv-Quiz Plugin < 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Wp-Adv-Quiz Type Plugin Vulnerable versions 1.0.3 Fixed in 1.0.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5943 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 12e6f67d0d8b Credits Rafael Aristodimou Required...
CVE-2023-5943
The Wp-Adv-Quiz WordPress plugin before 1.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2023-5943 Wp-Adv-Quiz < 1.0.3 - Admin+ Stored XSS
The Wp-Adv-Quiz WordPress plugin before 1.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2023-5943 Wp-Adv-Quiz < 1.0.3 - Admin+ Stored XSS
The Wp-Adv-Quiz WordPress plugin before 1.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2023-5943
CVE-2023-5943 affects the WordPress plugin Wp-Adv-Quiz prior to version 1.0.3. Root cause: the plugin does not sanitize/escape certain settings, enabling stored XSS by high-privilege users (e.g., administrators) even when unfiltered_html is disallowed. Impact: Cross-Site Scripting could affect si...