CVE-2023-4970

The PubyDoc WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2023-4970

The PubyDoc WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2023-4970

The PubyDoc WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

Cross site scripting

The PubyDoc WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2023-4970

CVE-2023-4970 affects the PubyDoc WordPress plugin (versions

WordPress Plugin PubyDoc Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2023-31302 · WordPress · Pubydoc Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: PubyDoc WordPress plugin versions 2.0.6 and earlier Description: The issue allows high privilege users, such as admins, to perform Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and escape some of...

PubyDoc <= 2.0.6 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed 1 After the installing the plugin, create a new table at...

PubyDoc <= 2.0.6 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC 1 After the installing the plugin, create a new table at...

WordPress PubyDoc Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS)

Software PubyDoc Type Plugin Vulnerable versions = 2.0.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4970 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ca6c875b31f5 Credits Vaishnav Rajeevan Required privile...