2 matches found
WordPress Woodpecker for WordPress plugin <= 3.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_name' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'formname' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin Woodpecker for WordPress versions = 3.0.4...
WordPress A2 Optimized WP Plugin <= 3.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software A2 Optimized WP Type Plugin Vulnerable versions = 3.0.4 Fixed in 3.0.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23711 Patch priority Low CVSS severity Low 4.3 Developer A2 Hosting PSID f4b673fc9279 Credits Muhammad Daffa Required...