mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
768 B
768 B
CVE-2023-4798
&color=brighgreen)
Description
The User Avatar WordPress plugin before 1.2.2 does not properly sanitize and escape certain of its shortcodes attributes, which could allow relatively low-privileged users like contributors to conduct Stored XSS attacks.
POC
Reference
Github
No PoCs found on GitHub currently.