The PDF Viewer WordPress plugin before 1.0.0 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: WPScan
Published: 2023-01-30T20:31:53.710Z
Updated: 2024-08-02T04:54:32.593Z
Reserved: 2023-01-03T02:32:07.757Z
Link: CVE-2023-0033

No data.

Status : Modified
Published: 2023-01-30T21:15:13.057
Modified: 2024-11-21T07:36:25.933
Link: CVE-2023-0033

No data.