2 matches found
WordPress illi Link Party! plugin <= 1.0 - Admin+ Stored Cross-Site Scripting vulnerability
Admin+ Stored Cross-Site Scripting vulnerability discovered by Bob Matyas in WordPress Plugin illi Link Party! versions = 1.0...
CVE-2023-7230
The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks...