The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values which are printed back to the user inside one of the plugin's administrative page, which allows reflected XSS attacks targeting administrators to happen.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-07-31T09:37:33.393Z

Updated: 2024-08-02T05:17:50.079Z

Reserved: 2023-01-31T19:58:31.990Z

Link: CVE-2023-0602

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-07-31T10:15:10.333

Modified: 2024-11-21T07:37:28.103

Link: CVE-2023-0602

cve-icon Redhat

No data.