top of page

Posts

[WordPress ProfilePress Plugin](versions 4.5.4 and older) Vulnerability



[WordPress ProfilePress Plugin](versions 4.5.4 and older) Vulnerability to Cross-Site Scripting (XSS)



Importance (CVSS3.0)

★★★★★★★☆☆☆ 7.1/ 10 - High


Details

A Cross-Site Scripting (XSS) vulnerability was discovered in WordPress ProfilePress Plugin.


This vulnerability allows malicious attackers to inject fraudulent scripts such as redirect, ads, and other HTML payload. This may be executed when guests visit the website.


Solutions

Update the WordPress ProfilePress Plugin to the newest version (4.5.5 and newer).


Source

CVE-2023-23830




We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.


[WordPress ProfilePress Plugin](versions 4.5.4 and older) Vulnerability to Cross-Site Scripting (XSS)”, by WS Security is licensed under CC BY 4.0.



0 views
bottom of page