Lucene search
WpvulndbWPVDB-ID:600AAAF7-B971-4559-9D1D-C6A0A484250EHistoryMar 30, 2023 - 12:00 a.m.
affiliate-toolkit – WordPress Affiliate < 3.3.4 - Editor+ Stored XSS
2023-03-3000:00:00
wpscan.com
14
wordpress
affiliate
vulnerability
xss
editor
cross-site scripting
0.0005 Low
EPSS
Percentile
17.5%
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks
| CPE | Name | Operator | Version |
|---|---|---|---|
| affiliate-toolkit-starter | lt | 3.3.4 |
Related
nvd
nvd
CVE-2023-23786
2023-05-10 08:15:11
prion
prion
Cross site scripting
2023-05-10 08:15:00
cvelist
cvelist
cve
cve
CVE-2023-23786
2023-05-10 08:15:11
wordfence
wordfence