WordPress Member Profile Forms / Custom Registration / Post From Profile in BuddyPress / BuddyBoss Plugin <= 1.4.10 is vulnerable to Cross Site Scripting (XSS)
Software Member Profile Forms / Custom Registration / Post From Profile in BuddyPress / BuddyBoss Type Plugin Vulnerable versions = 1.4.10 Fixed in 1.4.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Cla...