2 matches found
CVE-2023-32580
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPExperts Password Protected plugin = 2.6.2 versions...
CVE-2023-32580
CVE-2023-32580 affects the WordPress plugin “Password Protected” (WPExperts) ≤ 2.6.2. The issue is an authenticated (admin+) Stored Cross‑Site Scripting (XSS) vulnerability, enabling script injection via the plugin’s handling of input when already logged in as an administrator. Multiple sources c...