PT-2023-25197 · WordPress · Wp Coder

Erwan Lr

Publicado

2023-08-07

Atualizado

2023-08-09

CVE-2023-3524

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions WPCode WordPress plugin versions prior to 2.0.13.1

Description The issue is related to Reflected Cross-Site Scripting. It occurs because the WPCode WordPress plugin does not properly escape generated URLs before outputting them in attributes.

Recommendations For versions prior to 2.0.13.1, update to version 2.0.13.1 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-3524

Produtos afetados

Wp Coder

PT-2023-25197 · WordPress · Wp Coder

CVE-2023-3524

Identificadores relacionados

Produtos afetados

Referências · 5