cve/CVE-2023-4820.md at a8969e132322a214e7b78da5711159d6f891f0ab

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 4edef1e4c8 Update CVE sources 2024-05-28 08:49

2024-05-28 08:49:17 +00:00

Description

The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.0.12 does not sanitize and escape the media url field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin.

POC

Reference

https://wpscan.com/vulnerability/e866a214-a142-43c7-b93d-ff2301a3e432

Github

No PoCs found on GitHub currently.

858 B Raw Blame History

CVE-2023-4820

Description

POC

Reference

Github

858 B

Raw Blame History