Lucene search
WpvulndbWPVDB-ID:05A63D24-FE2C-4315-B8E4-DB2F4A318B1CHistoryJan 21, 2023 - 12:00 a.m.
Advanced Social Pixel <= 2.1.1 - Admin+ Stored XSS
2023-01-2100:00:00
wpscan.com
9
social pixel
stored xss
high privilege users
admin
unfiltered html
multisite.
0.001 Low
EPSS
Percentile
21.2%
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
| CPE | Name | Operator | Version |
|---|---|---|---|
| ns-facebook-pixel-for-wp | eq | * |
Related
nvd
nvd
CVE-2023-24381
2023-03-20 11:15:11
cvelist
cvelist
prion
prion
Cross site scripting
2023-03-20 11:15:00
cve
cve
CVE-2023-24381
2023-03-20 11:15:11