The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-05-30T07:49:21.025Z
Updated: 2024-08-02T06:12:19.533Z
Reserved: 2023-04-13T14:56:16.541Z
Link: CVE-2023-2023
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-05-30T08:15:09.787
Modified: 2023-11-07T04:11:41.430
Link: CVE-2023-2023
Redhat
No data.