CVE-2023-2964
Simple Iframe < 1.2.0 - Contributor+ Stored XSS
The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Productos afectados
Unknown · Simple Iframe¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →