3 matches found
CVE-2023-6624
The CVE-2023-6624 entry concerns the WordPress Import and export users and customers plugin, vulnerable to Stored Cross-Site Scripting via shortcode attributes in all versions up to and including 1.24.3. The root cause is insufficient input sanitization and output escaping on user-supplied attrib...
CVE-2023-6624 Import and export users and customers <= 1.24.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.24.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Import and export users and customers Plugin <= 1.24.3 is vulnerable to Cross Site Scripting (XSS)
Software Import and export users and customers Type Plugin Vulnerable versions = 1.24.3 Fixed in 1.24.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6624 Patch priority Low CVSS severity Low 6.5 Developer Codection PSID 8dfbaad9de1b Credits...