CVE-2023-45655

CVE-2023-45655 affects PixelGrade PixFields plugin for WordPress, with CSRF in versions prior to 0.7.0. The authenticated/unathenticated impact is described as CSRF leakage; PatchStack and Red Hat/NVD entries corroborate the vulnerability and indicate a fix in version 0.7.1. Practical impact is C...

CVE-2022-46844

CVE-2022-46844 involves WordPress PixelGrade PixFields plugin and is a stored XSS affecting versions <= 0.7.0, exploitable by contributors with authentication. The initial description and multiple connected sources confirm an XSS in PixFields with input stored and reflected in outputs. Public ...