Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-0285

Disclosure Date: February 21, 2023 (last updated October 08, 2023)
The Real Media Library WordPress plugin before 4.18.29 does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-0253

Disclosure Date: February 02, 2023 (last updated August 06, 2024)
** REJECT ** **REJECT** Accidental CVE Assignment. Please use CVE-2023-0285.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0