WordPress Campaign Monitor for WordPress plugin <= 2.9.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Campaign Monitor for WordPress versions = 2.9.0...

WordPress Campaign Monitor for WordPress Plugin <= 2.8.13 is vulnerable to Cross Site Scripting (XSS)

Software Campaign Monitor for WordPress Type Plugin Vulnerable versions = 2.8.13 Fixed in 2.8.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-38474 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 625473050b18 Credits Phd Required...