CVE-2023-0421
- Reference to the description:
- Description:
- The Cloud Manager WordPress plugin through 1.0 does not sanitise and escape the query param ricerca before outputting it in an admin panel, allowing unauthenticated attackers to trick a logged in admin to trigger a XSS payload by clicking a link.
- Last updated date:
- 05/15/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 05/15/2023
- Reference url to background
https://wpscan.com/vulnerability/a356fea0-f143-4736-b2b2-c545c525335c