cve/2023/CVE-2023-2026.md
2024-05-28 08:49:17 +00:00

814 B

CVE-2023-2026

Description

The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

POC

Reference

Github

No PoCs found on GitHub currently.