CVE-2023-49740 WordPress Seraphinite Accelerator Plugin <= 2.20.28 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Seraphinite Solutions Seraphinite Accelerator allows Reflected XSS.This issue affects Seraphinite Accelerator: from n/a through 2.20.28...

WordPress and WordPress plugin cross-site scripting vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2023-5610

The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect...

CVE-2023-5609

The Seraphinite Accelerator WordPress plugin before 2.2.29 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...