CVE-2023-0333

The TemplatesNext ToolKit WordPress plugin before 3.2.9 does not validate some of its shortcode attributes before using them to generate an HTML tag, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:templatesnext:templatesnext_toolkit:*:*:*:*:*:wordpress:*:*

History

07 Nov 2023, 04:00

Type Values Removed Values Added
CWE CWE-79

Information

Published : 2023-02-13 15:15

Updated : 2024-02-28 19:51


NVD link : CVE-2023-0333

Mitre link : CVE-2023-0333

CVE.ORG link : CVE-2023-0333


JSON object : View

Products Affected

templatesnext

  • templatesnext_toolkit
CWE

No CWE.