CVE-2023-4476

Posted on 2023년 9월 26일2023년 9월 26일 by admin

CVE-2023-4476

The Locatoraid Store Locator WordPress plugin before 3.9.24 does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

Source: CVE-2023-4476

답글 남기기 응답 취소