CVE-2023-28779

Name of the Vulnerable Software and Affected Versions Vladimir Statsenko Terms descriptions plugin versions <= 3.4.4

Description The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized actions on behalf of the user.

Recommendations For versions <= 3.4.4, update to a version higher than 3.4.4 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the plugin to minimize the risk of exploitation. Avoid using the plugin until the issue is resolved.