4 matches found
CVE-2023-2168
The TaxoPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Suggest Terms Title field in versions up to, and including, 3.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Editor+ permissions to inje...
CVE-2023-2168
The TaxoPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Suggest Terms Title field in versions up to, and including, 3.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Editor+ permissions to inje...
CVE-2023-2168 TaxoPress <= 3.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting
The TaxoPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Suggest Terms Title field in versions up to, and including, 3.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Editor+ permissions to inje...
CVE-2023-2168
CVE-2023-2168 – TaxoPress (WordPress plugin) is a stored cross-site scripting vulnerability in the Suggest Terms Title field, affecting TaxoPress versions up to 3.6.4. The issue arises from insufficient input sanitization and output escaping, enabling an authenticated attacker with Editor+ privil...