CVE-2023-0285

The Real Media Library WordPress plugin before 4.18.29 does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:devowl:real_media_library:*:*:*:*:*:wordpress:*:*

History

07 Nov 2023, 04:00

Type Values Removed Values Added
CWE CWE-79

Information

Published : 2023-02-21 09:15

Updated : 2024-02-28 19:51


NVD link : CVE-2023-0285

Mitre link : CVE-2023-0285

CVE.ORG link : CVE-2023-0285


JSON object : View

Products Affected

devowl

  • real_media_library
CWE

No CWE.