The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-06-27T13:17:16.610Z
Updated: 2024-08-02T06:05:26.590Z
Reserved: 2023-04-05T16:55:31.123Z
Link: CVE-2023-1891
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-06-27T14:15:10.340
Modified: 2023-11-07T04:05:17.507
Link: CVE-2023-1891
Redhat
No data.