CVE-2023-0422
Summary
The Article Directory WordPress plugin through 1.3 does not properly sanitize the `publish_terms_text` setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts.
- LOW
- NETWORK
- LOW
- CHANGED
- REQUIRED
- HIGH
- LOW
- NONE
References
Advisory Timeline
- Published