WordPress Plugin Vulnerabilities
RSVPMarker < 10.6.7 - Unauthenticated Stored XSS
Description
The plugin does not validate and escape some parameters, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks
Affects Plugins
Fixed in 10.6.7 References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Muhammad Arsalan Diponegoro - tripoloski
Verified
No
WPVDB ID
Timeline
Publicly Published
2023-08-17 (about 2 years ago)
Added
2023-09-27 (about 2 years ago)
Last Updated
2023-09-27 (about 2 years ago)
WPScan 