Page 3 of 12 results (0.065 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

The Site Reviews WordPress plugin before 5.13.1 does not sanitise some of its Review Details when adding a review as an admin, which could allow them to perform Cross-Site Scripting attacks when the unfiltered_html is disallowed El plugin de WordPress Site Reviews versiones anteriores a 5.13.1, no sanea algunos de los Detalles de las Reseñas cuando se añade una reseña como administrador, que podría permitir llevar a cabo ataques de tipo Cross-Site Scripting cuando unfiltered_html no está permitida. • https://wpscan.com/vulnerability/72aea0e5-1fa7-4827-a173-59982202d323 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de tipo Cross-Site Scripting (XSS) en Site Reviews en versiones anteriores a la 2.15.3 permite que los atacantes inyecten scripts web o HTML arbitrarios utilizando vectores no especificados. • http://jvn.jp/en/jp/JVN60978548/index.html https://wordpress.org/plugins/site-reviews/#developers https://wpvulndb.com/vulnerabilities/9102 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •