Lucene search

K
wpvulndbWpvulndbWPVDB-ID:63270B61-DDDD-4CC0-A091-A04CB4F682EC
HistoryOct 13, 2023 - 12:00 a.m.

WP 6.3-6.3.1 - Contributor+ Stored XSS via Footnotes Block

2023-10-1300:00:00
wpscan.com
13
wordpress
stored xss
footnotes block

AI Score

6.1

Confidence

High

Description WordPress does not escape some of its Footnotes block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

AI Score

6.1

Confidence

High