Wpb Show Core Project: >> Wpb Show Core >> 2.6 Security Vulnerabilities
The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVSS Score
4.7
EPSS Score
0.002
Published
2024-04-08
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting
CVSS Score
6.1
EPSS Score
0.006
Published
2024-04-08
The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users
CVSS Score
4.8
EPSS Score
0.01
Published
2024-04-08