CVE-2023-30482 – WordPress WPBulky Plugin < 1.0.10 is vulnerable to Cross Site Scripting (XSS)

https://notcve.org/view.php?id=CVE-2023-30482

17 Jul 2023 — Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions. Vulnerabilidad de Cross-Site Scripting (XSS) almacenado con necesidad de autenticación (permisos de contribuidor o superior) en el plugin VillaTheme WPBulky en versiones anteriores, e incluyendo la 1.0.10. The WPBulky plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.9 due to insufficient input sanitization via the 'sanitize' function whi... • https://patchstack.com/database/vulnerability/wpbulky-wp-bulk-edit-post-types/wordpress-wpbulky-plugin-1-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •