CVE-2023-0422

Name of the Vulnerable Software and Affected Versions Article Directory WordPress plugin versions prior to 1.4

Description The issue arises from improper sanitization of the publish terms text setting, which can be exploited to conduct Stored XSS attacks, particularly in multisite environments. This could potentially allow administrators to execute malicious scripts.

Recommendations For Article Directory WordPress plugin versions prior to 1.4, update to version 1.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the administration panel to minimize the risk of exploitation. Avoid using the publish terms text setting in the administration panel until the issue is resolved.