CVE-2023-2028

Posted on 2023년 7월 11일2023년 7월 11일 by admin

CVE-2023-2028

The Call Now Accessibility Button WordPress plugin before 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Source: CVE-2023-2028

답글 남기기 응답 취소