According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :
A directory traversal via wp_lang. (CVE-2023-2745)
A Cross-Site Request Forgery (CSRF) via wp_ajax_set_attachment_thumbnail.
An authenticated stored Cross-Site Scripting (XSS) via embed discovery functionality.
An insufficient sanitization of block attributes.
A shortcode execution in user generated content.
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data