The Article Directory WordPress plugin through 1.3 does not properly sanitize the `publish_terms_text` setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/d57f2fb2-5251-4069-8c9a-a4af269c5e62 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-04-10T13:18:01.633Z
Updated: 2023-04-10T13:18:01.633Z
Reserved: 2023-01-20T08:51:21.017Z
Link: CVE-2023-0422
JSON object: View
NVD Information
Status : Modified
Published: 2023-04-10T14:15:08.290
Modified: 2023-11-07T04:00:26.310
Link: CVE-2023-0422
JSON object: View
Redhat Information
No data.
CWE
No CWE.