CVE-2023-7084
Voting Record <= 2.0 - Subscriber+ Stored XSS
The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected products
Unknown · Voting RecordWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →