Vulnerability CVE-2023-2572


Published: 2023-06-05

Description:
The Survey Maker WordPress plugin before 3.4.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/2f7fe6e6-c3d0-4e27-8222-572d7a420153

Copyright 2026, cxsecurity.com

 

Back to Top