WordPress Vulnerabilities
WP 6.3-6.3.1 - Contributor+ Stored XSS via Footnotes Block
Description
WordPress does not escape some of its Footnotes block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Affects WordPress
References
Classification
Miscellaneous
Timeline
Publicly Published
2023-10-12 (about 9 months ago)
Added
2023-10-13 (about 9 months ago)
Last Updated
2023-10-13 (about 9 months ago)