mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
891 B
891 B
CVE-2023-2122
&color=brighgreen)
Description
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowd_tabs_active parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary javascript by clicking a link.
POC
Reference
Github
No PoCs found on GitHub currently.