5 matches found
CVE-2023-6530
The TJ Shortcodes WordPress plugin through 0.1.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-6530 TJ Shortcodes <= 0.1.3 - Contributor+ Stored XSS via Shortcodes
The TJ Shortcodes WordPress plugin through 0.1.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-6530
CVE-2023-6530 affects TJ Shortcodes WordPress plugin versions
WordPress TJ Shortcodes Plugin <= 0.1.3 is vulnerable to Cross Site Scripting (XSS)
Software TJ Shortcodes Type Plugin Vulnerable versions = 0.1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6530 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 023f1a33a7c9 Credits Dmitrii Ignatyev Required...
CVE-2023-5619
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6530. Reason: This candidate is a reservation duplicate of CVE-2023-6530. Notes: All CVE users should reference CVE-2023-43226 instead of this candidate. All references and descriptions in this candidate have been...