Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-23912

Disclosure Date: February 28, 2022 (last updated October 07, 2023)
The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not sanitise and escape the id parameter before outputting it back in an attribute, leading to a Reflected cross-Site Scripting
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0