Untriaged
Permalink
CVE-2023-41797
6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress Locations Plugin <= 4.0 is vulnerable to Cross Site Scripting (XSS)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gold Plugins Locations plugin <= 4.0 versions.
References
- https://patchstack.com/database/vulnerability/locations/wordpress-locations-plu… vdb-entry
- https://patchstack.com/database/vulnerability/locations/wordpress-locations-plu… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/locations/wordpress-locations-plu… vdb-entry
- https://patchstack.com/database/vulnerability/locations/wordpress-locations-plu… vdb-entry x_transferred
Affected products
locations
- =<4.0
Matching in nixpkgs
pkgs.kubectl-view-allocations
kubectl plugin to list allocations (cpu, memory, gpu,... X utilization, requested, limit, allocatable,...)
-
nixos-unstable -
- nixpkgs-unstable 0.23.4
pkgs.python312Packages.locationsharinglib
Python package to retrieve coordinates from a Google account
-
nixos-unstable -
- nixpkgs-unstable 5.0.3
pkgs.python313Packages.locationsharinglib
Python package to retrieve coordinates from a Google account
-
nixos-unstable -
- nixpkgs-unstable 5.0.3
Package maintainers
-
@mrene Mathieu Rene <mathieu.rene@gmail.com>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>