Vulnerability CVE-2023-1890


Published: 2023-05-15

Description:
The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting

See advisories in our WLB2 database:
Topic
Author
Date
Low
WordPress Tablesome Cross Site Scripting
Taurus Omar
27.07.2023

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/8ef64490-30cd-4e07-9b7c-64f551944f3d

Copyright 2024, cxsecurity.com

 

Back to Top