Vulnerability CVE-2023-3746


Published: 2023-10-16

Description:
The ActivityPub WordPress plugin before 1.0.0 does not sanitize and escape some data from post content, which could allow contributor and above role to perform Stored Cross-Site Scripting attacks

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/c15a6032-6495-47a8-828c-37e55ed9665a

Copyright 2026, cxsecurity.com

 

Back to Top